Browser öffnet 98.uj8.de/(gleiche Seite wie bei vielen anderen auch) von alleine.

Ichkaufpferd · 02.08.2014, 12:01

Hallo liebes Trojaner-Board. Ich bin hilfesuchend aufgrund des hxxp://98uj8.de/s3brsn5ba66mgfzeinrum#noad Problems. Mein Browser hat vorgestern damit angefangen den Tab allein zu öffnen. Selbst bei Schließen von Firefox wird dieser wieder geöffnet mit dieser Seite. Als das das erste Mal passiert ist, hab ich gleich WLAN (und somit meinen einzigen möglichen Zugang ins Internet) gekappt, mit "unlocker" meine Firefox.exe umbenannt und dann firefox deinstalliert. Schwuppdiwupp hat das gleiche Theater mit dem Internetexplorer angefangen. Nach einem Neustart war der Spuk vorerst vorbei. Anschließend hab ich nach dem Thread hier:
http://www.trojaner-board.de/157114-...d-problem.html
Malwarebyte und ADWCleaner durchlaufen gelassen und so einiges gefunden. Gebracht hat es bestimmt was, aber nicht den wirklich gewünschten Erfolg. Vorhin hat Firefox wieder mit 98uj8.de "rumgesponnen". Gestern wurde auch einmal die Seite planaria.kitchenpunk.co.uk aufgerufen. Nachdem sofortigen Unterbinden ist das aber nicht nochmal passiert.
Ich bin für jede Hilfe dankbar

Lg

deeprybka · 02.08.2014, 12:18

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab.
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Ichkaufpferd · 02.08.2014, 12:27

Hab ich gemacht. Hier das FRST.txt:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:2-08-2014
Ran by Klopapier (administrator) on HANSWERNER on 02-08-2014 13:21:11
Running from C:\Users\Klopapier\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hewlett-Packard Corporation) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
() C:\Program Files\Mobile Partner Manager\AssistantServices.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
() C:\Program Files\Winamp\winampa.exe
() C:\Program Files\Mobile Partner Manager\UIExec.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Dropbox, Inc.) C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {53299472-d065-11df-b8cd-00238b5d5139} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\Start.hta
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {a0e8087c-5c06-11e2-a574-00238b5d5139} - G:\Startme.exe
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {c12a9f61-5bb5-11df-a5d9-00238b5d5139} - F:\autorun.exe
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {c56c39c0-99be-11df-ac55-00238b5d5139} - G:\LGAutoRun.exe
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {c7098ea2-caed-11df-9791-00238b5d5139} - G:\AUTORUN_o2Surfstick.exe /EjectCDROM
Startup: C:\Users\Klopapier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/mjss/MJSS.cab109791.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\Extensions\youtubeunblocker@unblocker.yt [2014-08-01]
FF Extension: {0d11dcfc-80fd-42f1-8fd2-529c04599d17} - C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\Extensions\{0d11dcfc-80fd-42f1-8fd2-529c04599d17}.xpi [2014-08-02]
FF Extension: Adblock Plus - C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-01]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-18]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-03]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-05] (Avira Operations GmbH & Co. KG)
S3 CoordinatorServiceHost; C:\Program Files\SolidWorks\swScheduler\DTSCoordinatorService.exe [87336 2009-10-15] (Dassault Systèmes SolidWorks Corp.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2336072 2011-01-25] (O&O Software GmbH)
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365904 2008-09-23] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-06-30] () [File not signed]
R2 SentinelKeysServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [File not signed]
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-03-30] (SolidWorks) [File not signed]
R2 UI Assistant Service; C:\Program Files\Mobile Partner Manager\AssistantServices.exe [252784 2010-07-16] ()
S3 OpcEnum; C:\Windows\system32\OpcEnum.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF15BDA; C:\Windows\System32\drivers\AF15BDA.sys [289984 2009-11-05] (AfaTech                  )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-12] (Avira Operations GmbH & Co. KG)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-02] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-05-09] () [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-31] (Avira GmbH)
S3 VSPerfDrv100; C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [48128 2009-12-08] (Microsoft Corporation) [File not signed]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [59376 2008-09-26] (Cyberlink Corp.)
U3 aolhm00k; C:\Windows\system32\Drivers\aolhm00k.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 pewappvr; \??\C:\Windows\system32\drivers\pewappvr.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-02 13:21 - 2014-08-02 13:22 - 00019558 _____ () C:\Users\Klopapier\Desktop\FRST.txt
2014-08-02 13:21 - 2014-08-02 13:21 - 00000000 ____D () C:\FRST
2014-08-02 13:19 - 2014-08-02 13:19 - 01084928 _____ (Farbar) C:\Users\Klopapier\Desktop\FRST.exe
2014-08-01 11:59 - 2014-08-01 11:59 - 00000859 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-01 11:18 - 2014-08-01 11:18 - 32047680 _____ () C:\Users\Klopapier\Downloads\Firefox_Setup_de31.0.exe
2014-08-01 11:03 - 2014-08-01 21:07 - 00000000 ____D () C:\AdwCleaner
2014-08-01 11:02 - 2014-08-01 11:02 - 01361309 _____ () C:\Users\Klopapier\Desktop\adwcleaner_3.302.exe
2014-08-01 11:01 - 2014-08-02 00:23 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-01 11:01 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-01 11:01 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-01 11:01 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-01 10:59 - 2014-08-01 10:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Klopapier\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-28 17:38 - 2014-08-02 12:40 - 00000680 _____ () C:\Users\Klopapier\AppData\Local\d3d9caps.dat
2014-07-17 02:02 - 2014-08-01 02:16 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\FileAdvisor
2014-07-15 20:35 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-15 20:35 - 2014-06-07 02:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-15 20:35 - 2014-06-07 01:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-15 20:35 - 2014-06-07 01:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-15 20:35 - 2014-06-07 01:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-15 20:35 - 2014-06-07 01:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-15 20:35 - 2014-06-07 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-15 20:35 - 2014-06-07 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-15 20:35 - 2014-06-07 00:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-15 20:35 - 2014-06-07 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-15 20:35 - 2014-06-07 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-15 20:35 - 2014-06-07 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-15 20:35 - 2014-06-07 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-15 20:35 - 2014-06-07 00:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-15 20:35 - 2014-06-07 00:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-15 20:35 - 2014-06-07 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-15 20:35 - 2014-06-07 00:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-15 20:35 - 2014-06-07 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-15 20:35 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-15 20:35 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-05 23:17 - 2014-07-06 00:47 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\texstudio
2014-07-05 23:17 - 2014-07-05 23:17 - 00000817 _____ () C:\Users\Public\Desktop\TeXstudio.lnk
2014-07-05 23:17 - 2014-07-05 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXstudio
2014-07-05 23:16 - 2014-07-05 23:17 - 00000000 ____D () C:\Program Files\TeXstudio
2014-07-05 13:05 - 2014-07-05 13:05 - 00017184 _____ () C:\Windows\system32\XMLOperations.xml
2014-07-03 02:04 - 2014-08-01 11:45 - 00000659 _____ () C:\Users\Klopapier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-03 02:02 - 2014-08-01 02:03 - 00000000 ____D () C:\Program Files\File Type Advisor
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\4Media
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\Program Files\Free M4a to MP3 Converter
2014-07-03 01:50 - 2014-07-03 01:53 - 00000000 ____D () C:\Output

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-02 13:22 - 2014-08-02 13:21 - 00019558 _____ () C:\Users\Klopapier\Desktop\FRST.txt
2014-08-02 13:21 - 2014-08-02 13:21 - 00000000 ____D () C:\FRST
2014-08-02 13:20 - 2011-04-18 20:08 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-02 13:19 - 2014-08-02 13:19 - 01084928 _____ (Farbar) C:\Users\Klopapier\Desktop\FRST.exe
2014-08-02 13:17 - 2009-07-13 22:55 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\Skype
2014-08-02 12:49 - 2009-01-05 01:10 - 01362097 _____ () C:\Windows\WindowsUpdate.log
2014-08-02 12:44 - 2010-10-30 16:22 - 00000000 ___RD () C:\Users\Klopapier\Documents\My Dropbox
2014-08-02 12:44 - 2010-10-30 16:18 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\Dropbox
2014-08-02 12:40 - 2014-07-28 17:38 - 00000680 _____ () C:\Users\Klopapier\AppData\Local\d3d9caps.dat
2014-08-02 12:40 - 2011-04-18 20:08 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-02 12:40 - 2010-04-09 23:26 - 00586866 _____ () C:\ProgramData\nvModes.dat
2014-08-02 12:40 - 2010-04-09 23:26 - 00586866 _____ () C:\ProgramData\nvModes.001
2014-08-02 12:40 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-02 12:40 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-02 12:40 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-02 12:38 - 2006-11-02 15:01 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-02 00:23 - 2014-08-01 11:01 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 21:08 - 2008-01-21 04:47 - 00560490 _____ () C:\Windows\PFRO.log
2014-08-01 21:07 - 2014-08-01 11:03 - 00000000 ____D () C:\AdwCleaner
2014-08-01 20:30 - 2012-04-26 11:32 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-01 11:59 - 2014-08-01 11:59 - 00000859 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-01 11:58 - 2014-06-18 21:28 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-01 11:45 - 2014-07-03 02:04 - 00000659 _____ () C:\Users\Klopapier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-01 11:34 - 2009-09-03 23:35 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-08-01 11:18 - 2014-08-01 11:18 - 32047680 _____ () C:\Users\Klopapier\Downloads\Firefox_Setup_de31.0.exe
2014-08-01 11:02 - 2014-08-01 11:02 - 01361309 _____ () C:\Users\Klopapier\Desktop\adwcleaner_3.302.exe
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-01 10:59 - 2014-08-01 10:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Klopapier\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-01 09:59 - 2014-04-27 17:59 - 00000000 ____D () C:\Users\Klopapier\Documents\Visual Studio 2010
2014-08-01 02:16 - 2014-07-17 02:02 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\FileAdvisor
2014-08-01 02:03 - 2014-07-03 02:02 - 00000000 ____D () C:\Program Files\File Type Advisor
2014-07-31 22:20 - 2014-05-24 19:18 - 00000000 ____D () C:\Program Files\Diablo II
2014-07-30 23:41 - 2014-03-29 20:21 - 00000000 ____D () C:\Users\Klopapier\Desktop\Bachelorarbeit
2014-07-30 23:41 - 2010-04-14 19:28 - 00000000 ____D () C:\Temp
2014-07-30 23:37 - 2011-04-22 15:50 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\SolidWorks
2014-07-26 23:07 - 2006-11-02 14:52 - 00004101 _____ () C:\Windows\setupact.log
2014-07-26 23:06 - 2006-11-02 12:33 - 01754342 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-25 18:58 - 2010-01-15 21:00 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\vlc
2014-07-25 17:44 - 2013-08-28 20:48 - 00000000 ____D () C:\Users\Klopapier\Desktop\konti
2014-07-25 16:19 - 2010-05-09 19:32 - 00000000 ____D () C:\Program Files\JDownloader
2014-07-25 12:19 - 2011-01-20 23:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 17:13 - 2011-01-20 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 21:21 - 2010-10-30 16:22 - 00000932 _____ () C:\Users\Klopapier\Desktop\Dropbox.lnk
2014-07-23 21:21 - 2010-10-30 16:19 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-17 20:18 - 2006-11-02 14:47 - 00456456 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-17 02:14 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-16 23:53 - 2008-10-22 09:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-16 23:46 - 2013-08-16 15:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-16 23:38 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-15 20:23 - 2010-10-30 14:26 - 00000000 ____D () C:\Users\Klopapier\Desktop\Latexdokumente
2014-07-06 00:47 - 2014-07-05 23:17 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\texstudio
2014-07-05 23:17 - 2014-07-05 23:17 - 00000817 _____ () C:\Users\Public\Desktop\TeXstudio.lnk
2014-07-05 23:17 - 2014-07-05 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXstudio
2014-07-05 23:17 - 2014-07-05 23:16 - 00000000 ____D () C:\Program Files\TeXstudio
2014-07-05 23:15 - 2010-06-30 12:10 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\MiKTeX
2014-07-05 23:15 - 2010-06-30 12:10 - 00000000 ____D () C:\Users\Klopapier\AppData\Local\MiKTeX
2014-07-05 23:15 - 2010-06-30 11:57 - 00000000 ____D () C:\ProgramData\MiKTeX
2014-07-05 13:48 - 2012-10-20 00:56 - 00000000 ____D () C:\Users\Klopapier\AppData\Local\Paint.NET
2014-07-05 13:12 - 2013-09-01 15:37 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-05 13:05 - 2014-07-05 13:05 - 00017184 _____ () C:\Windows\system32\XMLOperations.xml
2014-07-03 03:13 - 2012-04-07 20:25 - 00000000 ____D () C:\Users\Klopapier\Desktop\Musik
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\4Media
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\Program Files\Free M4a to MP3 Converter
2014-07-03 01:53 - 2014-07-03 01:50 - 00000000 ____D () C:\Output

Files to move or delete:
====================
C:\ProgramData\SymUpdate.exe


Some content of TEMP:
====================
C:\Users\Klopapier\AppData\Local\Temp\avgnt.exe
C:\Users\Klopapier\AppData\Local\Temp\deletetemp.exe
C:\Users\Klopapier\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp681iq9.dll
C:\Users\Klopapier\AppData\Local\Temp\htmllite.dll
C:\Users\Klopapier\AppData\Local\Temp\Installer.exe
C:\Users\Klopapier\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-02 12:48

==================== End Of Log ============================

--- --- ---

Hier das Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version:2-08-2014
Ran by Klopapier at 2014-08-02 13:23:30
Running from C:\Users\Klopapier\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AAC Decoder (HKLM\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Ahnenblatt 2.70 (HKLM\...\Ahnenblatt_is1) (Version: 2.70.0.0 - Dirk Boettcher)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Borderlands (HKLM\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 5.10.38.14 - Broadcom Corporation)
Calc 3D Pro Deutsch 2.1.7 (HKLM\...\Calc 3D Pro_is1) (Version: 2.1.7 - )
Cinergy T USB XE (MKII) V6.09.28.05b (HKLM\...\Cinergy T USB XE (MKII)) (Version: 6.09.28.05b - )
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crystal Reports for Visual Studio (Version: 12.51.0.240 - SAP) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Diablo II (HKLM\...\Diablo II) (Version:  - Blizzard Entertainment)
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.2 - DivX, Inc.)
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
Dotfuscator Software Services - Community Edition - DEU (HKLM\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dotfuscator Software Services - Community Edition (HKLM\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
File Type Advisor 1.4 (HKLM\...\File Type Advisor_is1) (Version:  - filetypeadvisor.com)
FL Studio 10 (HKLM\...\FL Studio 10) (Version:  - Image-Line)
Free Audio CD Burner version 1.4.7 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free M4a to MP3 Converter 8.1 (HKLM\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Studio version 4.8 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
H.264 Decoder (HKLM\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.1.0 - DivX, Inc.)
Hewlett-Packard Active Check for Health Check (Version: 1.1.15.2 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.64.0 - HP) Hidden
HP Active Support Library (Version: 3.1.6.1 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.0.0 - Hewlett-Packard Company)
HP MediaSmart DVD (HKLM\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.0.2126 - Hewlett-Packard)
HP MediaSmart DVD (Version: 2.0.2126 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2125 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (Version: 2.0.2125 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}) (Version: 2.0.8 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.0926 - Hewlett-Packard)
HP MediaSmart Webcam (Version: 2.0.0926 - Hewlett-Packard) Hidden
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)
HP User Guides 0128 (HKLM\...\{07A5026D-5F9F-43D1-9073-C2F882D417E7}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPTCSSetup (HKLM\...\{30D3B7BC-5798-45D9-822D-05CA18F39E99}) (Version: 1.1.1955.2793 - Hewlett-Packard Company)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6087.0 - IDT)
IL Download Manager (HKLM\...\IL Download Manager) (Version:  - Image-Line)
Inkscape 0.48.3.1 (HKLM\...\Inkscape) (Version: 0.48.3.1 - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.30 - Irfan Skiljan)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 18 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216018F0}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Java(TM) 6 Update 33 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.330 - Oracle)
Java(TM) 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
JDownloader (HKLM\...\JDownloader) (Version: 0.89 - AppWork UG (haftungsbeschränkt))
Jet (HKCU\...\Jet) (Version: 24.0.1293.0 - Performersoft) <==== ATTENTION
Jet Browser version 0.2.0.7 (HKLM\...\{1EB98921-3AD1-4A7A-BED2-B4054E9CFA8E}_is1) (Version: 0.2.0.7 - Performersoft LLC) <==== ATTENTION
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.18.07 - JMicron Technology Corp.)
League of Legends (HKLM\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MATLAB R2011a (HKLM\...\MatlabR2011a) (Version: 7.12 - The MathWorks, Inc.)
Media Player Codec Pack 4.2.4 (HKLM\...\Media Player - Codec Pack) (Version: 4.2.4 - Media Player Codec Pack) <==== ATTENTION
Medieval II Total War (HKLM\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Messenger Plus! 5 (HKLM\...\Messenger Plus!) (Version: 1.0.1.102 - Yuna Software)
Messenger Plus! Live (HKLM\...\Messenger Plus! Live) (Version: 4.90.0.392 - Yuna Software)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - DEU (HKLM\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{1C2B3CEA-482E-4453-B3E2-C9731337828A}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM\...\{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM\...\{92C5C058-E941-47C3-B7E8-38A79C605969}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM\...\{9C3B8582-A72A-4835-8903-877A834407BB}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{D074DC76-F6C9-440E-A1D0-1DE958417FDB}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) de (HKLM\...\{DB0AF767-7CC7-4E4D-B6BE-A200F20A2FB1}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM\...\{03A4C6A1-26E9-4DDB-81D9-B332E5BB10AD}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x86) de (HKLM\...\{EAF7B35C-DCBE-4032-9ABF-C35C43D07124}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) de (HKLM\...\{D6A6CFAD-CD86-482B-90D1-6FCC4E252ACD}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x86) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Performance Collection Tools - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Ultimate - DEU (HKLM\...\Microsoft Visual Studio 2010 Ultimate - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MKV Splitter (HKLM\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.1 - DivX, Inc.)
Mobile Partner Manager (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA PhysX v8.10.29 (HKLM\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)
O&O Defrag Free Edition (HKLM\...\{E29CFB36-F070-4612-8DB5-7038161B6294}) (Version: 14.1.431 - O&O Software GmbH)
OpenOffice.org 3.2 (HKLM\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
PDoD Uninstallation (HKLM\...\{B5A4D5A1-7646-4EA9-9D30-3368A736A791}_is1) (Version: 0.2.1 - SickMafia)
Plus-HD-V1.4 (HKLM\...\Plus-HD-V1.4) (Version: 1.34.7.1 - Plus HD) <==== ATTENTION
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2119 - CyberLink Corp.)
Power2Go (Version: 6.0.2119 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2119 - CyberLink Corp.)
PowerDirector (Version: 7.0.2119 - CyberLink Corp.) Hidden
ProtectSmart Hard Drive Protection (HKLM\...\{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}) (Version: 3.10 A7 - Hewlett-Packard)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Python 3.1 pygame-1.9.1 (HKLM\...\{23682768-0E25-461F-990B-8DFF1B701903}) (Version: 1.9.1 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 3.1.4 (HKLM\...\{1ACA3135-BA08-41a9-8019-9BFA2BD1C4EE}) (Version: 3.1.4150 - Python Software Foundation)
R for Windows 2.13.0 (HKLM\...\R for Windows 2.13.0_is1) (Version: 2.13.0 - R Development Core Team)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
RStudio (HKLM\...\RStudio) (Version: 0.93.89 - RStudio)
Secure Download Manager (HKLM\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Sentinel Protection Installer 7.6.6 (HKLM\...\{8C2218AC-D1B1-4530-9E67-15164E0E52AB}) (Version: 7.6.6 - SafeNet, Inc.)
Service Pack 1 für SQL Server 2008 (KB 968369) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Solid Edge V20 (HKLM\...\{886F91D5-4B45-45DC-938E-6B0276C6B015}) (Version: 20.00.0096 - UGS)
SolidWorks 2010 SP0 (HKLM\...\{AF2066F6-7C57-46A1-A306-077EBBFC7B2B}) (Version: 18.100.5035 - SolidWorks)
Sony Ericsson Update Engine (HKLM\...\Update Engine) (Version: 2.12.15.18 - Sony Ericsson Communications AB)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.18.0 - Synaptics)
Tag - IGF Professional 2008 (HKLM\...\{1446A30C-6DAF-461E-96B1-31C554870082}_is1) (Version:  - DigiPen Institute of Technology)
TeamSpeak 2 RC2 (HKLM\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TerraTec Home Cinema (HKLM\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.15.11 - )
TeXnicCenter Version 1.0 Stable RC1 (HKLM\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
TeXstudio 2.8.0 (HKLM\...\TeXstudio_is1) (Version: 2.8.0 - Benito van der Zander)
Text2Speech (HKCU\...\0ac7d207f51cb75e) (Version: 1.0.2.4 - Text2Speech)
TextPad 6 (HKLM\...\{3F04067F-0DA5-4F48-9A89-6FCFD2A9E040}) (Version: 6.1.3 - Helios)
TeXworks 0.4.5 (HKLM\...\{41DA4817-4D2A-4D83-AD02-6A2D95DC8DCB}_is1) (Version:  - TeX Users Group)
TmNationsForever (HKLM\...\TmNationsForever_is1) (Version:  - Nadeo)
Torchlight (HKLM\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD)
Torchlight German Patch (HKLM\...\{27B1B784-67A7-452B-A8FF-467E8ADAA8E9}) (Version: 1.0.0 - JoWooD)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{9AA2D735-3375-42D4-9A61-3FFEF82599D6}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0 - DivX, Inc) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Winamp (HKLM\...\Winamp) (Version: 5.56  - Nullsoft, Inc)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Live OneCare safety scanner (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) (HKLM\...\7DE39862CC26DCE2446838AAF7CD5C163F835A57) (Version: 09/04/2008 2.6.0.0 - ENE)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Wood Workshop (HKLM\...\{7AACE39E-A19F-468A-B130-6DBA27203075}) (Version: 1.01.0574 - Spiral Graphics Inc.)
Z-Plot 1.02 (HKLM\...\Z-Plot_is1) (Version:  - Reinhard Nopper)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\KLOPAP~1\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe  (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\Klopapier\AppData\Local\Performersoft\Application\24.0.1293.0\delegate_execute.exe" No Fil (the data entry has 1 more characters).
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{ABECE8A0-FF84-4efb-82AE-9B3181CE097D}\InprocServer32 -> C:\Program Files\TextPad 6\System\shellext32.dll (Helios Software Solutions)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

21-06-2014 09:15:55 Geplanter Prüfpunkt
05-07-2014 13:27:16 Geplanter Prüfpunkt
15-07-2014 19:52:17 Geplanter Prüfpunkt
16-07-2014 21:29:19 Windows Update
18-07-2014 19:59:36 Geplanter Prüfpunkt
18-07-2014 20:46:21 Removed Yahoo Community Smartbar
21-07-2014 10:01:57 Geplanter Prüfpunkt
23-07-2014 20:07:38 Geplanter Prüfpunkt
24-07-2014 15:06:47 Windows Update
26-07-2014 23:56:12 Geplanter Prüfpunkt
31-07-2014 22:11:47 Removed Yahoo Community Smartbar

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {13C0B272-F162-430E-A096-842CD9619C84} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-11 No Task File <==== ATTENTION
Task: {1A927772-32E3-47F9-BEA3-36833B8BEC71} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-4 No Task File <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {28961A71-547C-4C9F-B5A0-087250F8A808} - System32\Tasks\FileAdvisorCheck => C:\Program Files\File Type Advisor\file-type-advisor.exe [2013-09-04] (filetypeadvisor.com                                         )
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {42667E16-A642-42F0-A9A4-94B81DC0ED25} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4C8EBDAD-CD61-488F-97BB-270DD36AB6A6} - System32\Tasks\FileAdvisorUpdate => C:\Program Files\File Type Advisor\fileadvisor.exe [2013-09-04] (File Type Advisor)
Task: {64FBCE57-FAF3-45A0-AE62-6FF51853C011} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-5_user No Task File <==== ATTENTION
Task: {65C1515D-0C9A-429B-AE7D-03EF8860742A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {69DD4939-36D9-416B-B4F2-7C7EDEB57978} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {8D123D67-E07F-45C9-96F9-1C1792B1F7D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-18] (Google Inc.)
Task: {9376E2F1-2A8E-4163-B46C-728942ACA8E1} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-3 No Task File <==== ATTENTION
Task: {9DAE4B3A-F4BE-40BC-A116-854C7C6C6DFB} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {A0D47484-A684-4E15-9C3C-9457B197761D} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-2 No Task File <==== ATTENTION
Task: {B5565F8A-CEC3-43AC-9DD6-AC7CAF3A1D79} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {C3F5613D-DD76-4AA5-8C47-BC66F7EEE52E} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {C710E864-BB93-45AB-90F3-E87C349CF9B0} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-1 No Task File <==== ATTENTION
Task: {CD25E0CD-DD68-4DEA-9590-16FB1485C399} - System32\Tasks\Herunterfahren => C:\Windows\System32\shutdown.exe [2008-01-21] (Microsoft Corporation)
Task: {E3E6C7C2-DBEB-44C4-A048-0FA10F753BB1} - System32\Tasks\{CDDE9153-0BEA-4B1A-9EBB-2472B2E209D0} => C:\Program Files\Skype\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {E4F1A730-A128-4E4C-8463-16DAE064F4A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-18] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EBFE465D-A966-4F23-8836-9DD8E604D5DF} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-5 No Task File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-07-04 23:32 - 2010-07-04 23:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-02-06 21:35 - 2009-12-12 16:12 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-04 23:32 - 2010-07-04 23:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2008-10-22 10:02 - 2008-09-23 12:18 - 00365904 _____ () C:\Program Files\SMINST\BLService.exe
2008-10-22 10:02 - 2008-09-23 12:18 - 00132432 _____ () C:\Program Files\SMINST\STWmiM.dll
2008-10-22 09:54 - 2008-06-30 01:10 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2008-09-25 19:42 - 2008-09-25 19:42 - 00881960 ____N () C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2010-09-19 18:14 - 2010-07-16 09:49 - 00252784 _____ () C:\Program Files\Mobile Partner Manager\AssistantServices.exe
2009-07-01 18:37 - 2009-07-01 18:37 - 00037888 _____ () C:\Program Files\Winamp\winampa.exe
2010-09-19 18:14 - 2010-07-16 09:51 - 00138584 _____ () C:\Program Files\Mobile Partner Manager\UIExec.exe
2010-07-04 21:51 - 2010-07-04 21:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
2014-08-02 12:43 - 2014-08-02 12:43 - 00043008 _____ () c:\Users\Klopapier\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp681iq9.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-01 11:58 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2008-10-22 09:13 - 2008-04-11 09:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
2014-06-19 00:41 - 2014-06-19 00:41 - 03022960 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll
2014-06-19 00:41 - 2014-06-19 00:41 - 00158832 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-19 00:41 - 2014-06-19 00:41 - 00023152 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2009-01-18 16:50 - 2009-01-18 16:50 - 00417792 _____ () C:\Program Files\Adobe\Reader 9.0\Reader\adobexmp.dll
2007-11-16 17:02 - 2007-11-16 17:02 - 00401408 ____R () C:\Program Files\Adobe\Reader 9.0\Reader\cryptocme2.dll
2007-11-16 17:02 - 2007-11-16 17:02 - 00479232 ____R () C:\Program Files\Adobe\Reader 9.0\Reader\ccme_base.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/02/2014 00:57:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.0.532 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 16b4
Anfangszeit: 01cfadd5b88ca6c4
Zeitpunkt der Beendigung: 5

Error: (08/01/2014 11:34:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.0.532 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 15f0
Anfangszeit: 01cfad67341b8810
Zeitpunkt der Beendigung: 7373

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\9> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\9> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\8> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\8> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\7> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\7> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\6> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\6> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


System errors:
=============
Error: (08/02/2014 00:47:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (08/02/2014 00:41:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/02/2014 10:30:34 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (08/02/2014 10:24:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/01/2014 09:10:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/01/2014 09:07:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/01/2014 08:39:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (08/01/2014 08:38:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (08/01/2014 08:35:30 PM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: Das Gerät "JMB38X xD Host Controller" (PCI\VEN_197B&DEV_2384&SUBSYS_3603103C&REV_00\4&2bbd3a19&0&04E4) wurde ohne vorbereitende Maßnahmen vom System entfernt.

Error: (08/01/2014 08:35:30 PM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: Das Gerät "JMB38X MS Host Controller" (PCI\VEN_197B&DEV_2383&SUBSYS_3603103C&REV_00\4&2bbd3a19&0&03E4) wurde ohne vorbereitende Maßnahmen vom System entfernt.


Microsoft Office Sessions:
=========================
Error: (08/02/2014 00:57:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.53216b401cfadd5b88ca6c45

Error: (08/01/2014 11:34:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.53215f001cfad67341b88107373

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\9

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\9

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\8

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\8

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\7

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\7

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\6

Error: (08/01/2014 01:09:55 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KLOPAPIER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\6MWTVWS9.DEFAULT-1406843727758\CACHE\6


CodeIntegrity Errors:
===================================
  Date: 2014-08-02 13:23:20.948
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 13:23:20.328
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 13:23:19.723
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 13:23:19.153
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 13:23:18.351
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 13:23:17.795
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 13:23:17.229
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 13:23:16.658
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 00:39:03.352
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 00:39:02.568
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 59%
Total physical RAM: 3068.27 MB
Available physical RAM: 1241.3 MB
Total Pagefile: 6358.77 MB
Available Pagefile: 4415.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.71 MB

==================== Drives ================================

Drive c: (C) (Fixed) (Total:287.49 GB) (Free:112.9 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.6 GB) (Free:1.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: () (Removable) (Total:29.8 GB) (Free:29.11 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 149FF503)
Partition 1: (Active) - (Size=287 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Lg

deeprybka · 02.08.2014, 12:39

Hi,

Schritt 1

Bitte deinstalliere folgende Programme:

Plus-HD-V1.4
Media Player Codec Pack 4.2.4
Jet Browser version 0.2.0.7
Jet
Java 7 Update 45
Java(TM) 6 Update 18
Java(TM) 6 Update 33
Java(TM) 6 Update 7

Lade Dir dazu bitte Revo Uninstaller

hier herunter. Entpacke die zip-Datei auf den Desktop.

Starte die Revouninstaller.exe
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
Klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2

Schließe alle offenen Programme und Browser.
Starte bitte Adwarecleaner.
Akzeptiere die Nutzungsbedingungen.
Klicke auf Suchen und warte, bis der Suchlauf abgeschlossen ist.
Klicke nun auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Sx].txt. (x = fortlaufende Nummer).

Schritt 3
Scan mit

Malwarebytes Antimalware
Unter Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Klicke im Anschluss auf "Suchlauf", wähle den Bedrohungssuchlauf aus, aktualisiere die Datenbanken und klicke auf "Suchlauf jetzt starten".
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. (geht so...)
Poste mir den Inhalt der Logdatei. Klicke dazu auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Klicke auf "In Zwischenablage kopieren" poste mir den Inhalt in Code-Tags als Antwort in den Thread.

Schritt 4

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Ichkaufpferd · 02.08.2014, 14:53

Ein paar Worte zu revouninstall:
1.

Zitat:

Media Player Codec Pack 4.2.4

Der programmeigene Deinstaller wollte die 'leftovers' nach einem Neustart selber beseitigen. Ich hab aber abgelehnt um den revouninstaller nicht zu belästigen. Der hat daraufhin KEINE 'leftovers' mehr selbst gefunden.
2.

Zitat:

Java(TM) 6 Update 33

Beim Deinstallieren hat mich revouninstall daraufhingewiesen, dass sich die Dateien im selben Verzeichnies wie Javaupdate 32 befindet und deshalb soll ich drauf achten, welche leftovers ich wirklich löschen will. Ich habe ALLE gelöscht. Gleiches galt für

Zitat:

Java 7 Update 45

und Javaupdate 25. Zudem hat sich der Softwareeigene Installer von der JavaVersion geöffnet in der sich die Versionen befanden.
3.

Zitat:

Java(TM) 6 Update 7

nach dem deinstallieren hat mir der Softwareeigene Installer gesagt: "erfolgreich installiert".
4.

Zitat:

Plus-HD-V1.4

sowie

Zitat:

Jet

und

Zitat:

Jet Browser version 0.2.0.7

konnten nicht deinstalliert werden, allerdings konnte ich 'leftovers' löschen. Plus-HD und Jet Browser sind jedoch danach nichtmehr im revouninstaller aufgetaucht. Nur noch Jet steht da.
5. Ich habe bei der Gelegenheit auch die "yahoo smartbar" deinstalliert. Das hab ich schonmal beim windowsinternen Softwareübersichtsdingens gemacht, aber anscheinend nicht sauber genug. Wollt ich nur mal am Rande erwähnt haben.
Der Malwarebyteauswurf(kann mir nicht vorstellen, dass du das sehen willst, aber nach befolgen deiner Anweisungen ist das das, was im Zwischenspeicher gespeichert wurde):

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 02.08.2014 00:23:36, SYSTEM, HANSWERNER, Manual, Rootkit Database, 2014.7.17.1, 2014.8.1.1, 
Update, 02.08.2014 00:23:42, SYSTEM, HANSWERNER, Manual, Malware Database, 2014.8.1.1, 2014.8.1.5, 
Update, 02.08.2014 14:34:47, SYSTEM, HANSWERNER, Manual, Malware Database, 2014.8.1.5, 2014.8.2.2, 

(end)

Die LOGfile vom ADWCleaner:

Code:

ATTFilter

# AdwCleaner v3.302 - Bericht erstellt am 02/08/2014 um 14:24:07
# Aktualisiert 30/07/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : Klopapier - HANSWERNER
# Gestartet von : C:\Users\Klopapier\Desktop\adwcleaner_3.302.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16561


-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\prefs.js ]


*************************

AdwCleaner[R0].txt - [19616 octets] - [01/08/2014 11:03:53]
AdwCleaner[R1].txt - [19677 octets] - [01/08/2014 11:13:00]
AdwCleaner[R2].txt - [1160 octets] - [01/08/2014 20:55:50]
AdwCleaner[R3].txt - [1281 octets] - [02/08/2014 14:22:28]
AdwCleaner[S0].txt - [14775 octets] - [01/08/2014 11:34:02]
AdwCleaner[S1].txt - [1121 octets] - [01/08/2014 21:06:59]
AdwCleaner[S2].txt - [1102 octets] - [02/08/2014 14:24:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1162 octets] ##########

Die LOGfiles von FRST.
FRST.txt:
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:2-08-2014
Ran by Klopapier (administrator) on HANSWERNER on 02-08-2014 15:41:22
Running from C:\Users\Klopapier\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hewlett-Packard Corporation) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Program Files\Mobile Partner Manager\AssistantServices.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
() C:\Program Files\Winamp\winampa.exe
() C:\Program Files\Mobile Partner Manager\UIExec.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Dropbox, Inc.) C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\RacAgent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {53299472-d065-11df-b8cd-00238b5d5139} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\Start.hta
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {a0e8087c-5c06-11e2-a574-00238b5d5139} - G:\Startme.exe
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {c12a9f61-5bb5-11df-a5d9-00238b5d5139} - F:\autorun.exe
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {c56c39c0-99be-11df-ac55-00238b5d5139} - G:\LGAutoRun.exe
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {c7098ea2-caed-11df-9791-00238b5d5139} - G:\AUTORUN_o2Surfstick.exe /EjectCDROM
Startup: C:\Users\Klopapier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/mjss/MJSS.cab109791.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\Extensions\youtubeunblocker@unblocker.yt [2014-08-01]
FF Extension: {0d11dcfc-80fd-42f1-8fd2-529c04599d17} - C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\Extensions\{0d11dcfc-80fd-42f1-8fd2-529c04599d17}.xpi [2014-08-02]
FF Extension: Adblock Plus - C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-01]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-03]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-05] (Avira Operations GmbH & Co. KG)
S3 CoordinatorServiceHost; C:\Program Files\SolidWorks\swScheduler\DTSCoordinatorService.exe [87336 2009-10-15] (Dassault Systèmes SolidWorks Corp.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2336072 2011-01-25] (O&O Software GmbH)
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365904 2008-09-23] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-06-30] () [File not signed]
R2 SentinelKeysServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [File not signed]
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-03-30] (SolidWorks) [File not signed]
R2 UI Assistant Service; C:\Program Files\Mobile Partner Manager\AssistantServices.exe [252784 2010-07-16] ()
S3 OpcEnum; C:\Windows\system32\OpcEnum.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF15BDA; C:\Windows\System32\drivers\AF15BDA.sys [289984 2009-11-05] (AfaTech                  )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-12] (Avira Operations GmbH & Co. KG)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-02] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-05-09] () [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-31] (Avira GmbH)
S3 VSPerfDrv100; C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [48128 2009-12-08] (Microsoft Corporation) [File not signed]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [59376 2008-09-26] (Cyberlink Corp.)
U3 ahsxbx03; C:\Windows\system32\Drivers\ahsxbx03.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 pewappvr; \??\C:\Windows\system32\drivers\pewappvr.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-02 13:40 - 2014-08-02 13:40 - 03007700 _____ () C:\Users\Klopapier\Desktop\revouninstaller.zip
2014-08-02 13:40 - 2014-08-02 13:40 - 00000000 ____D () C:\Users\Klopapier\Desktop\revouninstaller-portable
2014-08-02 13:23 - 2014-08-02 13:25 - 00057732 _____ () C:\Users\Klopapier\Desktop\Addition.txt
2014-08-02 13:21 - 2014-08-02 15:41 - 00019002 _____ () C:\Users\Klopapier\Desktop\FRST.txt
2014-08-02 13:21 - 2014-08-02 15:41 - 00000000 ____D () C:\FRST
2014-08-02 13:19 - 2014-08-02 13:19 - 01084928 _____ (Farbar) C:\Users\Klopapier\Desktop\FRST.exe
2014-08-01 11:59 - 2014-08-01 11:59 - 00000859 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-01 11:18 - 2014-08-01 11:18 - 32047680 _____ () C:\Users\Klopapier\Downloads\Firefox_Setup_de31.0.exe
2014-08-01 11:03 - 2014-08-02 14:24 - 00000000 ____D () C:\AdwCleaner
2014-08-01 11:02 - 2014-08-01 11:02 - 01361309 _____ () C:\Users\Klopapier\Desktop\adwcleaner_3.302.exe
2014-08-01 11:01 - 2014-08-02 14:34 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-01 11:01 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-01 11:01 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-01 11:01 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-01 10:59 - 2014-08-01 10:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Klopapier\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-28 17:38 - 2014-08-02 14:26 - 00007808 _____ () C:\Users\Klopapier\AppData\Local\d3d9caps.dat
2014-07-17 02:02 - 2014-08-01 02:16 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\FileAdvisor
2014-07-15 20:35 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-15 20:35 - 2014-06-07 02:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-15 20:35 - 2014-06-07 01:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-15 20:35 - 2014-06-07 01:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-15 20:35 - 2014-06-07 01:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-15 20:35 - 2014-06-07 01:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-15 20:35 - 2014-06-07 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-15 20:35 - 2014-06-07 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-15 20:35 - 2014-06-07 00:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-15 20:35 - 2014-06-07 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-15 20:35 - 2014-06-07 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-15 20:35 - 2014-06-07 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-15 20:35 - 2014-06-07 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-15 20:35 - 2014-06-07 00:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-15 20:35 - 2014-06-07 00:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-15 20:35 - 2014-06-07 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-15 20:35 - 2014-06-07 00:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-15 20:35 - 2014-06-07 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-15 20:35 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-15 20:35 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-05 23:17 - 2014-07-06 00:47 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\texstudio
2014-07-05 23:17 - 2014-07-05 23:17 - 00000817 _____ () C:\Users\Public\Desktop\TeXstudio.lnk
2014-07-05 23:17 - 2014-07-05 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXstudio
2014-07-05 23:16 - 2014-07-05 23:17 - 00000000 ____D () C:\Program Files\TeXstudio
2014-07-05 13:05 - 2014-07-05 13:05 - 00017184 _____ () C:\Windows\system32\XMLOperations.xml
2014-07-03 02:04 - 2014-08-01 11:45 - 00000659 _____ () C:\Users\Klopapier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-03 02:02 - 2014-08-01 02:03 - 00000000 ____D () C:\Program Files\File Type Advisor
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\4Media
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\Program Files\Free M4a to MP3 Converter
2014-07-03 01:50 - 2014-07-03 01:53 - 00000000 ____D () C:\Output

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-02 15:41 - 2014-08-02 13:21 - 00019002 _____ () C:\Users\Klopapier\Desktop\FRST.txt
2014-08-02 15:41 - 2014-08-02 13:21 - 00000000 ____D () C:\FRST
2014-08-02 15:37 - 2011-11-23 22:45 - 00000000 ____D () C:\Users\Klopapier\Desktop\Skins
2014-08-02 15:29 - 2009-07-13 22:55 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\Skype
2014-08-02 15:20 - 2011-04-18 20:08 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-02 15:12 - 2009-01-05 01:10 - 01432558 _____ () C:\Windows\WindowsUpdate.log
2014-08-02 14:34 - 2014-08-01 11:01 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-02 14:32 - 2010-10-30 16:22 - 00000000 ___RD () C:\Users\Klopapier\Documents\My Dropbox
2014-08-02 14:31 - 2010-10-30 16:18 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\Dropbox
2014-08-02 14:26 - 2014-07-28 17:38 - 00007808 _____ () C:\Users\Klopapier\AppData\Local\d3d9caps.dat
2014-08-02 14:26 - 2011-04-18 20:08 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-02 14:26 - 2010-04-09 23:26 - 00586866 _____ () C:\ProgramData\nvModes.dat
2014-08-02 14:26 - 2010-04-09 23:26 - 00586866 _____ () C:\ProgramData\nvModes.001
2014-08-02 14:26 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-02 14:26 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-02 14:26 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-02 14:25 - 2008-01-21 04:47 - 00561010 _____ () C:\Windows\PFRO.log
2014-08-02 14:24 - 2014-08-01 11:03 - 00000000 ____D () C:\AdwCleaner
2014-08-02 14:24 - 2006-11-02 15:01 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-02 14:09 - 2008-10-22 09:58 - 00000000 ____D () C:\Program Files\Java
2014-08-02 14:06 - 2013-12-05 01:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-02 14:04 - 2008-10-22 09:58 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-02 13:40 - 2014-08-02 13:40 - 03007700 _____ () C:\Users\Klopapier\Desktop\revouninstaller.zip
2014-08-02 13:40 - 2014-08-02 13:40 - 00000000 ____D () C:\Users\Klopapier\Desktop\revouninstaller-portable
2014-08-02 13:25 - 2014-08-02 13:23 - 00057732 _____ () C:\Users\Klopapier\Desktop\Addition.txt
2014-08-02 13:19 - 2014-08-02 13:19 - 01084928 _____ (Farbar) C:\Users\Klopapier\Desktop\FRST.exe
2014-08-01 20:30 - 2012-04-26 11:32 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-01 11:59 - 2014-08-01 11:59 - 00000859 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-01 11:58 - 2014-06-18 21:28 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-01 11:45 - 2014-07-03 02:04 - 00000659 _____ () C:\Users\Klopapier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-01 11:34 - 2009-09-03 23:35 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-08-01 11:18 - 2014-08-01 11:18 - 32047680 _____ () C:\Users\Klopapier\Downloads\Firefox_Setup_de31.0.exe
2014-08-01 11:02 - 2014-08-01 11:02 - 01361309 _____ () C:\Users\Klopapier\Desktop\adwcleaner_3.302.exe
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-01 10:59 - 2014-08-01 10:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Klopapier\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-01 09:59 - 2014-04-27 17:59 - 00000000 ____D () C:\Users\Klopapier\Documents\Visual Studio 2010
2014-08-01 02:16 - 2014-07-17 02:02 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\FileAdvisor
2014-08-01 02:03 - 2014-07-03 02:02 - 00000000 ____D () C:\Program Files\File Type Advisor
2014-07-31 22:20 - 2014-05-24 19:18 - 00000000 ____D () C:\Program Files\Diablo II
2014-07-30 23:41 - 2014-03-29 20:21 - 00000000 ____D () C:\Users\Klopapier\Desktop\Bachelorarbeit
2014-07-30 23:41 - 2010-04-14 19:28 - 00000000 ____D () C:\Temp
2014-07-30 23:37 - 2011-04-22 15:50 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\SolidWorks
2014-07-26 23:07 - 2006-11-02 14:52 - 00004101 _____ () C:\Windows\setupact.log
2014-07-26 23:06 - 2006-11-02 12:33 - 01754342 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-25 18:58 - 2010-01-15 21:00 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\vlc
2014-07-25 17:44 - 2013-08-28 20:48 - 00000000 ____D () C:\Users\Klopapier\Desktop\konti
2014-07-25 16:19 - 2010-05-09 19:32 - 00000000 ____D () C:\Program Files\JDownloader
2014-07-25 12:19 - 2011-01-20 23:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 17:13 - 2011-01-20 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 21:21 - 2010-10-30 16:22 - 00000932 _____ () C:\Users\Klopapier\Desktop\Dropbox.lnk
2014-07-23 21:21 - 2010-10-30 16:19 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-17 20:18 - 2006-11-02 14:47 - 00456456 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-17 02:14 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-16 23:53 - 2008-10-22 09:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-16 23:46 - 2013-08-16 15:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-16 23:38 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-15 20:23 - 2010-10-30 14:26 - 00000000 ____D () C:\Users\Klopapier\Desktop\Latexdokumente
2014-07-06 00:47 - 2014-07-05 23:17 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\texstudio
2014-07-05 23:17 - 2014-07-05 23:17 - 00000817 _____ () C:\Users\Public\Desktop\TeXstudio.lnk
2014-07-05 23:17 - 2014-07-05 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXstudio
2014-07-05 23:17 - 2014-07-05 23:16 - 00000000 ____D () C:\Program Files\TeXstudio
2014-07-05 23:15 - 2010-06-30 12:10 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\MiKTeX
2014-07-05 23:15 - 2010-06-30 12:10 - 00000000 ____D () C:\Users\Klopapier\AppData\Local\MiKTeX
2014-07-05 23:15 - 2010-06-30 11:57 - 00000000 ____D () C:\ProgramData\MiKTeX
2014-07-05 13:48 - 2012-10-20 00:56 - 00000000 ____D () C:\Users\Klopapier\AppData\Local\Paint.NET
2014-07-05 13:12 - 2013-09-01 15:37 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-05 13:05 - 2014-07-05 13:05 - 00017184 _____ () C:\Windows\system32\XMLOperations.xml
2014-07-03 03:13 - 2012-04-07 20:25 - 00000000 ____D () C:\Users\Klopapier\Desktop\Musik
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\4Media
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
2014-07-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\Program Files\Free M4a to MP3 Converter
2014-07-03 01:53 - 2014-07-03 01:50 - 00000000 ____D () C:\Output

Files to move or delete:
====================
C:\ProgramData\SymUpdate.exe


Some content of TEMP:
====================
C:\Users\Klopapier\AppData\Local\Temp\avgnt.exe
C:\Users\Klopapier\AppData\Local\Temp\deletetemp.exe
C:\Users\Klopapier\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1guqgo.dll
C:\Users\Klopapier\AppData\Local\Temp\htmllite.dll
C:\Users\Klopapier\AppData\Local\Temp\Installer.exe
C:\Users\Klopapier\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-02 14:43

==================== End Of Log ============================

--- --- ---

Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version:2-08-2014
Ran by Klopapier at 2014-08-02 15:42:11
Running from C:\Users\Klopapier\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AAC Decoder (HKLM\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Ahnenblatt 2.70 (HKLM\...\Ahnenblatt_is1) (Version: 2.70.0.0 - Dirk Boettcher)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Borderlands (HKLM\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 5.10.38.14 - Broadcom Corporation)
Calc 3D Pro Deutsch 2.1.7 (HKLM\...\Calc 3D Pro_is1) (Version: 2.1.7 - )
Cinergy T USB XE (MKII) V6.09.28.05b (HKLM\...\Cinergy T USB XE (MKII)) (Version: 6.09.28.05b - )
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crystal Reports for Visual Studio (Version: 12.51.0.240 - SAP) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Diablo II (HKLM\...\Diablo II) (Version:  - Blizzard Entertainment)
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.2 - DivX, Inc.)
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
Dotfuscator Software Services - Community Edition - DEU (HKLM\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dotfuscator Software Services - Community Edition (HKLM\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
File Type Advisor 1.4 (HKLM\...\File Type Advisor_is1) (Version:  - filetypeadvisor.com)
FL Studio 10 (HKLM\...\FL Studio 10) (Version:  - Image-Line)
Free Audio CD Burner version 1.4.7 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free M4a to MP3 Converter 8.1 (HKLM\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Studio version 4.8 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
H.264 Decoder (HKLM\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.1.0 - DivX, Inc.)
Hewlett-Packard Active Check for Health Check (Version: 1.1.15.2 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.64.0 - HP) Hidden
HP Active Support Library (Version: 3.1.6.1 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.0.0 - Hewlett-Packard Company)
HP MediaSmart DVD (HKLM\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.0.2126 - Hewlett-Packard)
HP MediaSmart DVD (Version: 2.0.2126 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2125 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (Version: 2.0.2125 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}) (Version: 2.0.8 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.0926 - Hewlett-Packard)
HP MediaSmart Webcam (Version: 2.0.0926 - Hewlett-Packard) Hidden
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)
HP User Guides 0128 (HKLM\...\{07A5026D-5F9F-43D1-9073-C2F882D417E7}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPTCSSetup (HKLM\...\{30D3B7BC-5798-45D9-822D-05CA18F39E99}) (Version: 1.1.1955.2793 - Hewlett-Packard Company)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6087.0 - IDT)
IL Download Manager (HKLM\...\IL Download Manager) (Version:  - Image-Line)
Inkscape 0.48.3.1 (HKLM\...\Inkscape) (Version: 0.48.3.1 - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.30 - Irfan Skiljan)
JDownloader (HKLM\...\JDownloader) (Version: 0.89 - AppWork UG (haftungsbeschränkt))
Jet (HKCU\...\Jet) (Version: 24.0.1293.0 - Performersoft) <==== ATTENTION
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.18.07 - JMicron Technology Corp.)
League of Legends (HKLM\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MATLAB R2011a (HKLM\...\MatlabR2011a) (Version: 7.12 - The MathWorks, Inc.)
Medieval II Total War (HKLM\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Messenger Plus! 5 (HKLM\...\Messenger Plus!) (Version: 1.0.1.102 - Yuna Software)
Messenger Plus! Live (HKLM\...\Messenger Plus! Live) (Version: 4.90.0.392 - Yuna Software)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - DEU (HKLM\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{1C2B3CEA-482E-4453-B3E2-C9731337828A}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM\...\{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM\...\{92C5C058-E941-47C3-B7E8-38A79C605969}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM\...\{9C3B8582-A72A-4835-8903-877A834407BB}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{D074DC76-F6C9-440E-A1D0-1DE958417FDB}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) de (HKLM\...\{DB0AF767-7CC7-4E4D-B6BE-A200F20A2FB1}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM\...\{03A4C6A1-26E9-4DDB-81D9-B332E5BB10AD}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x86) de (HKLM\...\{EAF7B35C-DCBE-4032-9ABF-C35C43D07124}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) de (HKLM\...\{D6A6CFAD-CD86-482B-90D1-6FCC4E252ACD}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x86) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Performance Collection Tools - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Ultimate - DEU (HKLM\...\Microsoft Visual Studio 2010 Ultimate - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MKV Splitter (HKLM\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.1 - DivX, Inc.)
Mobile Partner Manager (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA PhysX v8.10.29 (HKLM\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)
O&O Defrag Free Edition (HKLM\...\{E29CFB36-F070-4612-8DB5-7038161B6294}) (Version: 14.1.431 - O&O Software GmbH)
OpenOffice.org 3.2 (HKLM\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
PDoD Uninstallation (HKLM\...\{B5A4D5A1-7646-4EA9-9D30-3368A736A791}_is1) (Version: 0.2.1 - SickMafia)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2119 - CyberLink Corp.)
Power2Go (Version: 6.0.2119 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2119 - CyberLink Corp.)
PowerDirector (Version: 7.0.2119 - CyberLink Corp.) Hidden
ProtectSmart Hard Drive Protection (HKLM\...\{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}) (Version: 3.10 A7 - Hewlett-Packard)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Python 3.1 pygame-1.9.1 (HKLM\...\{23682768-0E25-461F-990B-8DFF1B701903}) (Version: 1.9.1 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 3.1.4 (HKLM\...\{1ACA3135-BA08-41a9-8019-9BFA2BD1C4EE}) (Version: 3.1.4150 - Python Software Foundation)
R for Windows 2.13.0 (HKLM\...\R for Windows 2.13.0_is1) (Version: 2.13.0 - R Development Core Team)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
RStudio (HKLM\...\RStudio) (Version: 0.93.89 - RStudio)
Secure Download Manager (HKLM\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Sentinel Protection Installer 7.6.6 (HKLM\...\{8C2218AC-D1B1-4530-9E67-15164E0E52AB}) (Version: 7.6.6 - SafeNet, Inc.)
Service Pack 1 für SQL Server 2008 (KB 968369) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Solid Edge V20 (HKLM\...\{886F91D5-4B45-45DC-938E-6B0276C6B015}) (Version: 20.00.0096 - UGS)
SolidWorks 2010 SP0 (HKLM\...\{AF2066F6-7C57-46A1-A306-077EBBFC7B2B}) (Version: 18.100.5035 - SolidWorks)
Sony Ericsson Update Engine (HKLM\...\Update Engine) (Version: 2.12.15.18 - Sony Ericsson Communications AB)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.18.0 - Synaptics)
Tag - IGF Professional 2008 (HKLM\...\{1446A30C-6DAF-461E-96B1-31C554870082}_is1) (Version:  - DigiPen Institute of Technology)
TeamSpeak 2 RC2 (HKLM\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TerraTec Home Cinema (HKLM\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.15.11 - )
TeXnicCenter Version 1.0 Stable RC1 (HKLM\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
TeXstudio 2.8.0 (HKLM\...\TeXstudio_is1) (Version: 2.8.0 - Benito van der Zander)
Text2Speech (HKCU\...\0ac7d207f51cb75e) (Version: 1.0.2.4 - Text2Speech)
TextPad 6 (HKLM\...\{3F04067F-0DA5-4F48-9A89-6FCFD2A9E040}) (Version: 6.1.3 - Helios)
TeXworks 0.4.5 (HKLM\...\{41DA4817-4D2A-4D83-AD02-6A2D95DC8DCB}_is1) (Version:  - TeX Users Group)
TmNationsForever (HKLM\...\TmNationsForever_is1) (Version:  - Nadeo)
Torchlight (HKLM\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD)
Torchlight German Patch (HKLM\...\{27B1B784-67A7-452B-A8FF-467E8ADAA8E9}) (Version: 1.0.0 - JoWooD)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{9AA2D735-3375-42D4-9A61-3FFEF82599D6}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0 - DivX, Inc) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Winamp (HKLM\...\Winamp) (Version: 5.56  - Nullsoft, Inc)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Live OneCare safety scanner (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) (HKLM\...\7DE39862CC26DCE2446838AAF7CD5C163F835A57) (Version: 09/04/2008 2.6.0.0 - ENE)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Wood Workshop (HKLM\...\{7AACE39E-A19F-468A-B130-6DBA27203075}) (Version: 1.01.0574 - Spiral Graphics Inc.)
Z-Plot 1.02 (HKLM\...\Z-Plot_is1) (Version:  - Reinhard Nopper)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\KLOPAP~1\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe  (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{ABECE8A0-FF84-4efb-82AE-9B3181CE097D}\InprocServer32 -> C:\Program Files\TextPad 6\System\shellext32.dll (Helios Software Solutions)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

21-06-2014 09:15:55 Geplanter Prüfpunkt
05-07-2014 13:27:16 Geplanter Prüfpunkt
15-07-2014 19:52:17 Geplanter Prüfpunkt
16-07-2014 21:29:19 Windows Update
18-07-2014 19:59:36 Geplanter Prüfpunkt
18-07-2014 20:46:21 Removed Yahoo Community Smartbar
21-07-2014 10:01:57 Geplanter Prüfpunkt
23-07-2014 20:07:38 Geplanter Prüfpunkt
24-07-2014 15:06:47 Windows Update
26-07-2014 23:56:12 Geplanter Prüfpunkt
31-07-2014 22:11:47 Removed Yahoo Community Smartbar
02-08-2014 11:47:10 Revo Uninstaller's restore point - Media Player Codec Pack 4.2.4
02-08-2014 11:51:27 Revo Uninstaller's restore point - Java 7 Update 45
02-08-2014 11:51:50 Removed Java 7 Update 45
02-08-2014 11:56:24 Revo Uninstaller's restore point - Java(TM) 6 Update 18
02-08-2014 11:56:42 Removed Java(TM) 6 Update 18
02-08-2014 12:01:40 Revo Uninstaller's restore point - Java(TM) 6 Update 33
02-08-2014 12:02:15 Removed Java(TM) 6 Update 33
02-08-2014 12:07:12 Revo Uninstaller's restore point - Java(TM) 6 Update 7
02-08-2014 12:10:32 Revo Uninstaller's restore point - Plus-HD-V1.4
02-08-2014 12:11:41 Revo Uninstaller's restore point - Jet
02-08-2014 12:13:19 Revo Uninstaller's restore point - Jet Browser version 0.2.0.7
02-08-2014 12:16:32 Revo Uninstaller's restore point - Yahoo Community Smartbar
02-08-2014 12:19:13 Revo Uninstaller's restore point - Jet

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {13C0B272-F162-430E-A096-842CD9619C84} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-11 No Task File <==== ATTENTION
Task: {1A927772-32E3-47F9-BEA3-36833B8BEC71} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-4 No Task File <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {28961A71-547C-4C9F-B5A0-087250F8A808} - System32\Tasks\FileAdvisorCheck => C:\Program Files\File Type Advisor\file-type-advisor.exe [2013-09-04] (filetypeadvisor.com                                         )
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {42667E16-A642-42F0-A9A4-94B81DC0ED25} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4C8EBDAD-CD61-488F-97BB-270DD36AB6A6} - System32\Tasks\FileAdvisorUpdate => C:\Program Files\File Type Advisor\fileadvisor.exe [2013-09-04] (File Type Advisor)
Task: {64FBCE57-FAF3-45A0-AE62-6FF51853C011} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-5_user No Task File <==== ATTENTION
Task: {65C1515D-0C9A-429B-AE7D-03EF8860742A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {69DD4939-36D9-416B-B4F2-7C7EDEB57978} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {8D123D67-E07F-45C9-96F9-1C1792B1F7D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-18] (Google Inc.)
Task: {9376E2F1-2A8E-4163-B46C-728942ACA8E1} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-3 No Task File <==== ATTENTION
Task: {9DAE4B3A-F4BE-40BC-A116-854C7C6C6DFB} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {A0D47484-A684-4E15-9C3C-9457B197761D} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-2 No Task File <==== ATTENTION
Task: {B5565F8A-CEC3-43AC-9DD6-AC7CAF3A1D79} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {C3F5613D-DD76-4AA5-8C47-BC66F7EEE52E} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {C710E864-BB93-45AB-90F3-E87C349CF9B0} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-1 No Task File <==== ATTENTION
Task: {CD25E0CD-DD68-4DEA-9590-16FB1485C399} - System32\Tasks\Herunterfahren => C:\Windows\System32\shutdown.exe [2008-01-21] (Microsoft Corporation)
Task: {E3E6C7C2-DBEB-44C4-A048-0FA10F753BB1} - System32\Tasks\{CDDE9153-0BEA-4B1A-9EBB-2472B2E209D0} => C:\Program Files\Skype\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {E4F1A730-A128-4E4C-8463-16DAE064F4A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-18] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EBFE465D-A966-4F23-8836-9DD8E604D5DF} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-5 No Task File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-07-04 23:32 - 2010-07-04 23:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2008-10-22 10:02 - 2008-09-23 12:18 - 00365904 _____ () C:\Program Files\SMINST\BLService.exe
2008-10-22 10:02 - 2008-09-23 12:18 - 00132432 _____ () C:\Program Files\SMINST\STWmiM.dll
2008-10-22 09:54 - 2008-06-30 01:10 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2008-09-25 19:42 - 2008-09-25 19:42 - 00881960 ____N () C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2010-09-19 18:14 - 2010-07-16 09:49 - 00252784 _____ () C:\Program Files\Mobile Partner Manager\AssistantServices.exe
2009-07-01 18:37 - 2009-07-01 18:37 - 00037888 _____ () C:\Program Files\Winamp\winampa.exe
2010-09-19 18:14 - 2010-07-16 09:51 - 00138584 _____ () C:\Program Files\Mobile Partner Manager\UIExec.exe
2010-07-04 21:51 - 2010-07-04 21:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
2014-08-02 14:29 - 2014-08-02 14:29 - 00043008 _____ () c:\Users\Klopapier\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1guqgo.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-01 11:58 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2008-10-22 09:13 - 2008-04-11 09:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/02/2014 03:49:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.0.532 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1308
Anfangszeit: 01cfae4dd2c2c4be
Zeitpunkt der Beendigung: 8

Error: (08/02/2014 02:19:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:16:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:13:14 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:11:41 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:10:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:07:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:01:40 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 01:56:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 01:51:27 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}


System errors:
=============
Error: (08/02/2014 02:33:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (08/02/2014 02:27:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/02/2014 00:47:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (08/02/2014 00:41:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/02/2014 10:30:34 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (08/02/2014 10:24:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/01/2014 09:10:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/01/2014 09:07:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/01/2014 08:39:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (08/01/2014 08:38:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}


Microsoft Office Sessions:
=========================
Error: (08/02/2014 03:49:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.532130801cfae4dd2c2c4be8

Error: (08/02/2014 02:19:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:16:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:13:14 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:11:41 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:10:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:07:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:01:40 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 01:56:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 01:51:27 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}


CodeIntegrity Errors:
===================================
  Date: 2014-08-02 15:42:02.748
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 15:42:02.101
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 15:42:01.499
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 15:42:00.881
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 15:42:00.077
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 15:41:59.452
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 15:41:58.815
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 15:41:58.179
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 15:40:44.184
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-02 15:40:43.513
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 56%
Total physical RAM: 3068.27 MB
Available physical RAM: 1347.35 MB
Total Pagefile: 6360.77 MB
Available Pagefile: 4526.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1912.2 MB

==================== Drives ================================

Drive c: (C) (Fixed) (Total:287.49 GB) (Free:111.18 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.6 GB) (Free:1.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: () (Removable) (Total:29.8 GB) (Free:29.11 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 149FF503)
Partition 1: (Active) - (Size=287 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

deeprybka · 02.08.2014, 15:07

Gut soweit!

Probiere mal "Jet" über die Windows-Systemsteuerung zu deinstallieren.

Dann hätte ich gerne noch das "richtige" Log von Malwarebytes gesehen...

Lesestoff
MBAM-Funde posten: So gehts...
Manchmal ist es wichtig zu wissen, welche Schadprogramme im Vorfeld ohne Anweisung der Helfer schon gelöscht wurden.
Daher benötige ich den Inhalt der Logdatei, in welcher der Suchlauf protokolliert wurde.

Starte MBAM.
Klicke auf Verlauf.
Klicke auf Anwendungsprotokolle.
Klicke auf das letzte Suchlaufprotokoll mit Funden.
Klicke auf "In Zwischenablage kopieren".
Poste den Inhalt in Code-Tags [CODE] [/CODE] durch Einfügen mit Strg+V als Antwort in Deinen Thread.

Wenn das erledigt bitte so weitermachen:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Ichkaufpferd · 02.08.2014, 15:35

Jet ist weg. Über Systemsteuerung meinte Windows nur, das Programm existiert nicht mehr, soll es die Verknüpfung löschen? Bevor ich das gemacht habe, hab ich in meiner Startleiste geguckt und versucht da den Jetuninstaller auszuführen. Da wurde auch gesagt, dass das Programm nichtmehr existiere, ob ich die Verknüpfung löschen soll. Hab dann den Dateipfad der Verknüpfung überprüft und den gibt es nicht mehr. Also hab ichs auch aus der Systemsteuerung->Software und Programm löschen lassen. Jetzt ist Jet auch beim revouninstaller weg. Der Malwarebyte-Bericht:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 02.08.2014 00:23:36, SYSTEM, HANSWERNER, Manual, Rootkit Database, 2014.7.17.1, 2014.8.1.1, 
Update, 02.08.2014 00:23:42, SYSTEM, HANSWERNER, Manual, Malware Database, 2014.8.1.1, 2014.8.1.5, 
Update, 02.08.2014 14:34:47, SYSTEM, HANSWERNER, Manual, Malware Database, 2014.8.1.5, 2014.8.2.2, 

(end)

Es tut mir leid, aber Malwarebytes spuckt mir nichts anderes aus. Ich mache genau das, was im .gif abgebildet ist, aber bei mir sieht das etwas anders aus. Ich habe
keine 'suchlauf-Protokolle', sondern 'schutz-protokolle'. Klicke ich die Doppelt an, gibts im daraufhin erscheinenden Fenster keinen linken Teil. Wenn ich dann auf 'In Zwischenablage kopieren' anklicke, wird nur das was ich vorhin schon gepostet habe, ausgegeben.
So sieht es bei mir aus:
picload.org - fast 'n' easy imagehost
und bei Doppelklick auf 'schutz-protokoll':
picload.org - fast 'n' easy imagehost
Ich mach dann Jetzt den ESET-scan und meld mich dann wieder.
Lg

Edit:

und

deeprybka · 02.08.2014, 15:41

Mach bitte nochmal einen MBAM-Scan und versuch das Log zu posten. Wenn es nicht geht, dann machst eben weiter mit ESET...

Ichkaufpferd · 02.08.2014, 23:57

MBM will mir nichts anderes ausgeben, auch nach nochmaligem Durchlauf. Tut mir sehr leid

ESET ist durchgelaufen, hier das LOGfile:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=2e77986be8d8bb48829394fd080f0d10
# engine=19470
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-08-02 10:33:44
# local_time=2014-08-03 12:33:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 28959 151518043 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 28189951 244551552 0 0
# scanned=547180
# found=16
# cleaned=0
# scan_time=20950
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
sh=2714DB0A06F74A4282CDDC307EA1599670422E09 ft=1 fh=dbe7f66a91f8fadc vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Klopapier\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files\Avira\AntiVir Desktop\offercast_avirav7_.exe"
sh=8A017A234D9CBC7D6368A800E29119DBAE8712BA ft=1 fh=c71c00115837424f vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Program Files\DVDVideoSoft\Free YouTube to Mp3 Converter\OpenCandy\OCSetupHlp.dll"
sh=C3E2EEA43263CC610AA91F562ECE2B1562012BCA ft=1 fh=e62d3c9cdf00b1a7 vn="Variante von Win32/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Klopapier\AppData\Local\Temp\Installer.exe"
sh=19876B0C21073CE7AC4725124851FC36B7EA7301 ft=1 fh=31b372839de59c7b vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Klopapier\Desktop\downloads\downloads\cbsidlm-cbsi188-MbrFix-SEO-10485990.exe"
sh=6F9A373F945D7059EBCC831803D63E636F267E29 ft=1 fh=3d16b789b476b813 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Klopapier\Desktop\downloads\downloads\MP4 to MP3 Converter - CHIP-Installer.exe"
sh=9DF97B417C53958902D1876867B1B5233E107868 ft=1 fh=b6fea5969f17fc17 vn="Win32/Somoto.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Klopapier\Desktop\downloads\downloads\nw_25927_matompconverterexe.exe"
sh=74652BB55B35EAF701B7776753E34D36835EEC6E ft=1 fh=6b672c3a89b6e08f vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Klopapier\Desktop\Skins\FreeYouTubeToMP3Converter(1).exe"
sh=AA190194CD322F27B81B57B66F0E48B16DDF09FC ft=1 fh=7a1e2a1eaadddca3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Klopapier\Desktop\Skins\FreeYouTubeToMP3Converter.exe"
sh=D47084C19F405781C949A05FB145AED89230B453 ft=1 fh=107d665ffab989d7 vn="Variante von Win32/Bundled.Toolbar.Ask.G potenziell unsichere Anwendung" ac=I fn="C:\Users\Klopapier\Desktop\Skins\media.player.codec.pack.v4.2.4.setup.exe"
sh=44341AC3075A630346D44C97F22FE3B8DB90A2C8 ft=1 fh=03026ae03c5e9bfc vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GVHYMYOH\ApnIC[1].0"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\Temp\AskSLib.dll"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Windows\Temp\avnwldrtemp\setup\Offercast_AVIRAV7_.exe"

deeprybka · 03.08.2014, 10:11

Hi,

hat Malwarebytes denn was "dramatisches" gefunden, bzw. steht bei den Rubriken nach nochmaligem Scan überall die "0" jetzt?

Schritt 1

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:

Code:

ATTFilter

C:\ProgramData\SymUpdate.exe
FF Extension: {0d11dcfc-80fd-42f1-8fd2-529c04599d17} - C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\Extensions\{0d11dcfc-80fd-42f1-8fd2-529c04599d17}.xpi [2014-08-02]

Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.

Starte FRST und drücke auf den Fix-Button.
Das Tool erstellt eine "Fixlog.txt" -Datei.
Poste mir bitte deren Inhalt.

Schritt 2

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Ichkaufpferd · 03.08.2014, 11:33

Frag mich bitte nicht wieso es jetzt geklappt hat. Hab Malwarebytes nochmal durchlaufen lassen und ein Suchlaufprotokoll bekommen. Hier der Bericht:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.08.2014
Suchlauf-Zeit: 11:13:36
Logdatei: test.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.03.02
Rootkit Datenbank: v2014.08.01.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Klopapier

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 301461
Verstrichene Zeit: 53 Min, 29 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Tiefer Rootkit-Suchlauf: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 1
PUP.Optional.GlobalUpdate.A, C:\Users\Klopapier\AppData\Local\Temp\comh.305510, , [89e105bc14676bcb09e07d4ad929ab55], 

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Dieses GlobalUpdate.A ist jedesmal aufs Neue drin wenn ich MBAM laufen lassen...

Nach dem Durchführen des Fixes ist mir Firefox direkt abgeschmiert (vielleicht war das klar, wenn man was an FF ändert, dass der geschlossen sein sollte. Daran hab ich nicht gedacht.) Hier der Fixlog von FRST:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:2-08-2014
Ran by Klopapier at 2014-08-03 12:10:55 Run:1
Running from C:\Users\Klopapier\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\ProgramData\SymUpdate.exe
FF Extension: {0d11dcfc-80fd-42f1-8fd2-529c04599d17} - C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\Extensions\{0d11dcfc-80fd-42f1-8fd2-529c04599d17}.xpi [2014-08-02]
*****************

C:\ProgramData\SymUpdate.exe => Moved successfully.
C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\Extensions\{0d11dcfc-80fd-42f1-8fd2-529c04599d17}.xpi => Moved successfully.

==== End of Fixlog ====

Und jetzt noch FRST.txt:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:2-08-2014
Ran by Klopapier (administrator) on HANSWERNER on 03-08-2014 12:25:41
Running from C:\Users\Klopapier\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hewlett-Packard Corporation) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink Corp.) C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Program Files\Mobile Partner Manager\AssistantServices.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
() C:\Program Files\Winamp\winampa.exe
() C:\Program Files\Mobile Partner Manager\UIExec.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {53299472-d065-11df-b8cd-00238b5d5139} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\Start.hta
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {a0e8087c-5c06-11e2-a574-00238b5d5139} - G:\Startme.exe
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {c12a9f61-5bb5-11df-a5d9-00238b5d5139} - F:\autorun.exe
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {c56c39c0-99be-11df-ac55-00238b5d5139} - G:\LGAutoRun.exe
HKU\S-1-5-21-44494119-3696041132-2777540171-1000\...\MountPoints2: {c7098ea2-caed-11df-9791-00238b5d5139} - G:\AUTORUN_o2Surfstick.exe /EjectCDROM
Startup: C:\Users\Klopapier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/mjss/MJSS.cab109791.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\Extensions\youtubeunblocker@unblocker.yt [2014-08-01]
FF Extension: Adblock Plus - C:\Users\Klopapier\AppData\Roaming\Mozilla\Firefox\Profiles\6mwtvws9.default-1406843727758\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-01]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-03]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-05] (Avira Operations GmbH & Co. KG)
S3 CoordinatorServiceHost; C:\Program Files\SolidWorks\swScheduler\DTSCoordinatorService.exe [87336 2009-10-15] (Dassault Systèmes SolidWorks Corp.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2336072 2011-01-25] (O&O Software GmbH)
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365904 2008-09-23] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-06-30] () [File not signed]
R2 SentinelKeysServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [File not signed]
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
S3 SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-03-30] (SolidWorks) [File not signed]
R2 UI Assistant Service; C:\Program Files\Mobile Partner Manager\AssistantServices.exe [252784 2010-07-16] ()
S3 OpcEnum; C:\Windows\system32\OpcEnum.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF15BDA; C:\Windows\System32\drivers\AF15BDA.sys [289984 2009-11-05] (AfaTech                  )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-12] (Avira Operations GmbH & Co. KG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-05-09] () [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-31] (Avira GmbH)
S3 VSPerfDrv100; C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [48128 2009-12-08] (Microsoft Corporation) [File not signed]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [59376 2008-09-26] (Cyberlink Corp.)
U3 a9idsseq; C:\Windows\system32\Drivers\a9idsseq.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 pewappvr; \??\C:\Windows\system32\drivers\pewappvr.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 12:15 - 2014-08-03 12:25 - 00035977 _____ () C:\Users\Klopapier\Desktop\Addition.txt
2014-08-03 12:07 - 2014-08-03 12:07 - 00001290 _____ () C:\Users\Klopapier\Desktop\test.txt
2014-08-03 10:30 - 2014-08-03 10:30 - 00083168 _____ () C:\Users\Klopapier\Downloads\Extras.Txt
2014-08-03 10:26 - 2014-08-03 10:26 - 00104464 _____ () C:\Users\Klopapier\Downloads\OTL.Txt
2014-08-02 18:41 - 2014-08-02 18:41 - 00000000 ____D () C:\Program Files\ESET
2014-08-02 16:39 - 2014-08-02 16:39 - 02347384 _____ (ESET) C:\Users\Klopapier\Desktop\esetsmartinstaller_deu.exe
2014-08-02 15:52 - 2014-08-02 15:52 - 00095280 _____ () C:\Users\Klopapier\Desktop\Neues Textdokument.txt
2014-08-02 13:40 - 2014-08-02 13:40 - 03007700 _____ () C:\Users\Klopapier\Desktop\revouninstaller.zip
2014-08-02 13:40 - 2014-08-02 13:40 - 00000000 ____D () C:\Users\Klopapier\Desktop\revouninstaller-portable
2014-08-02 13:21 - 2014-08-03 12:26 - 00018717 _____ () C:\Users\Klopapier\Desktop\FRST.txt
2014-08-02 13:21 - 2014-08-03 12:25 - 00000000 ____D () C:\FRST
2014-08-02 13:19 - 2014-08-02 13:19 - 01084928 _____ (Farbar) C:\Users\Klopapier\Desktop\FRST.exe
2014-08-01 11:59 - 2014-08-01 11:59 - 00000859 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-01 11:18 - 2014-08-01 11:18 - 32047680 _____ () C:\Users\Klopapier\Downloads\Firefox_Setup_de31.0.exe
2014-08-01 11:03 - 2014-08-02 14:24 - 00000000 ____D () C:\AdwCleaner
2014-08-01 11:02 - 2014-08-01 11:02 - 01361309 _____ () C:\Users\Klopapier\Desktop\adwcleaner_3.302.exe
2014-08-01 11:01 - 2014-08-03 11:13 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-01 11:01 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-01 11:01 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-01 11:01 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-01 10:59 - 2014-08-01 10:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Klopapier\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-28 17:38 - 2014-08-03 09:41 - 00007808 _____ () C:\Users\Klopapier\AppData\Local\d3d9caps.dat
2014-07-17 02:02 - 2014-08-03 02:03 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\FileAdvisor
2014-07-15 20:35 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-15 20:35 - 2014-06-07 02:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-15 20:35 - 2014-06-07 01:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-15 20:35 - 2014-06-07 01:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-15 20:35 - 2014-06-07 01:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-15 20:35 - 2014-06-07 01:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-15 20:35 - 2014-06-07 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-15 20:35 - 2014-06-07 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-15 20:35 - 2014-06-07 00:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-15 20:35 - 2014-06-07 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-15 20:35 - 2014-06-07 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-15 20:35 - 2014-06-07 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-15 20:35 - 2014-06-07 00:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-15 20:35 - 2014-06-07 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-15 20:35 - 2014-06-07 00:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-15 20:35 - 2014-06-07 00:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-15 20:35 - 2014-06-07 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-15 20:35 - 2014-06-07 00:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-15 20:35 - 2014-06-07 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-15 20:35 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-15 20:35 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-05 23:17 - 2014-07-06 00:47 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\texstudio
2014-07-05 23:17 - 2014-07-05 23:17 - 00000817 _____ () C:\Users\Public\Desktop\TeXstudio.lnk
2014-07-05 23:17 - 2014-07-05 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXstudio
2014-07-05 23:16 - 2014-07-05 23:17 - 00000000 ____D () C:\Program Files\TeXstudio
2014-07-05 13:05 - 2014-07-05 13:05 - 00017184 _____ () C:\Windows\system32\XMLOperations.xml

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-03 12:26 - 2014-08-02 13:21 - 00018717 _____ () C:\Users\Klopapier\Desktop\FRST.txt
2014-08-03 12:25 - 2014-08-03 12:15 - 00035977 _____ () C:\Users\Klopapier\Desktop\Addition.txt
2014-08-03 12:25 - 2014-08-02 13:21 - 00000000 ____D () C:\FRST
2014-08-03 12:20 - 2011-04-18 20:08 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-03 12:18 - 2009-01-05 01:10 - 01681215 _____ () C:\Windows\WindowsUpdate.log
2014-08-03 12:17 - 2009-07-13 22:55 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\Skype
2014-08-03 12:07 - 2014-08-03 12:07 - 00001290 _____ () C:\Users\Klopapier\Desktop\test.txt
2014-08-03 11:40 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-03 11:40 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-03 11:13 - 2014-08-01 11:01 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-03 10:30 - 2014-08-03 10:30 - 00083168 _____ () C:\Users\Klopapier\Downloads\Extras.Txt
2014-08-03 10:26 - 2014-08-03 10:26 - 00104464 _____ () C:\Users\Klopapier\Downloads\OTL.Txt
2014-08-03 09:45 - 2010-10-30 16:22 - 00000000 ___RD () C:\Users\Klopapier\Documents\My Dropbox
2014-08-03 09:45 - 2010-10-30 16:18 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\Dropbox
2014-08-03 09:41 - 2014-07-28 17:38 - 00007808 _____ () C:\Users\Klopapier\AppData\Local\d3d9caps.dat
2014-08-03 09:40 - 2011-04-18 20:08 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-03 09:40 - 2010-04-09 23:26 - 00586866 _____ () C:\ProgramData\nvModes.dat
2014-08-03 09:40 - 2010-04-09 23:26 - 00586866 _____ () C:\ProgramData\nvModes.001
2014-08-03 09:40 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-03 02:31 - 2006-11-02 15:01 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-03 02:03 - 2014-07-17 02:02 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\FileAdvisor
2014-08-03 02:02 - 2014-07-03 02:02 - 00000000 ____D () C:\Program Files\File Type Advisor
2014-08-02 18:41 - 2014-08-02 18:41 - 00000000 ____D () C:\Program Files\ESET
2014-08-02 16:42 - 2006-11-02 12:33 - 01754342 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-02 16:39 - 2014-08-02 16:39 - 02347384 _____ (ESET) C:\Users\Klopapier\Desktop\esetsmartinstaller_deu.exe
2014-08-02 15:52 - 2014-08-02 15:52 - 00095280 _____ () C:\Users\Klopapier\Desktop\Neues Textdokument.txt
2014-08-02 15:37 - 2011-11-23 22:45 - 00000000 ____D () C:\Users\Klopapier\Desktop\Skins
2014-08-02 14:25 - 2008-01-21 04:47 - 00561010 _____ () C:\Windows\PFRO.log
2014-08-02 14:24 - 2014-08-01 11:03 - 00000000 ____D () C:\AdwCleaner
2014-08-02 14:09 - 2008-10-22 09:58 - 00000000 ____D () C:\Program Files\Java
2014-08-02 14:06 - 2013-12-05 01:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-02 14:04 - 2008-10-22 09:58 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-02 13:40 - 2014-08-02 13:40 - 03007700 _____ () C:\Users\Klopapier\Desktop\revouninstaller.zip
2014-08-02 13:40 - 2014-08-02 13:40 - 00000000 ____D () C:\Users\Klopapier\Desktop\revouninstaller-portable
2014-08-02 13:19 - 2014-08-02 13:19 - 01084928 _____ (Farbar) C:\Users\Klopapier\Desktop\FRST.exe
2014-08-01 20:30 - 2012-04-26 11:32 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-01 11:59 - 2014-08-01 11:59 - 00000859 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-01 11:58 - 2014-06-18 21:28 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-01 11:45 - 2014-07-03 02:04 - 00000659 _____ () C:\Users\Klopapier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-01 11:34 - 2009-09-03 23:35 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-08-01 11:18 - 2014-08-01 11:18 - 32047680 _____ () C:\Users\Klopapier\Downloads\Firefox_Setup_de31.0.exe
2014-08-01 11:02 - 2014-08-01 11:02 - 01361309 _____ () C:\Users\Klopapier\Desktop\adwcleaner_3.302.exe
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 11:01 - 2014-08-01 11:01 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-08-01 10:59 - 2014-08-01 10:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Klopapier\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-01 09:59 - 2014-04-27 17:59 - 00000000 ____D () C:\Users\Klopapier\Documents\Visual Studio 2010
2014-07-31 22:20 - 2014-05-24 19:18 - 00000000 ____D () C:\Program Files\Diablo II
2014-07-30 23:41 - 2014-03-29 20:21 - 00000000 ____D () C:\Users\Klopapier\Desktop\Bachelorarbeit
2014-07-30 23:41 - 2010-04-14 19:28 - 00000000 ____D () C:\Temp
2014-07-30 23:37 - 2011-04-22 15:50 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\SolidWorks
2014-07-26 23:07 - 2006-11-02 14:52 - 00004101 _____ () C:\Windows\setupact.log
2014-07-25 18:58 - 2010-01-15 21:00 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\vlc
2014-07-25 17:44 - 2013-08-28 20:48 - 00000000 ____D () C:\Users\Klopapier\Desktop\konti
2014-07-25 16:19 - 2010-05-09 19:32 - 00000000 ____D () C:\Program Files\JDownloader
2014-07-25 12:19 - 2011-01-20 23:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 17:13 - 2011-01-20 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 21:21 - 2010-10-30 16:22 - 00000932 _____ () C:\Users\Klopapier\Desktop\Dropbox.lnk
2014-07-23 21:21 - 2010-10-30 16:19 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-17 20:18 - 2006-11-02 14:47 - 00456456 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-17 02:14 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-16 23:53 - 2008-10-22 09:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-16 23:46 - 2013-08-16 15:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-16 23:38 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-15 20:23 - 2010-10-30 14:26 - 00000000 ____D () C:\Users\Klopapier\Desktop\Latexdokumente
2014-07-06 00:47 - 2014-07-05 23:17 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\texstudio
2014-07-05 23:17 - 2014-07-05 23:17 - 00000817 _____ () C:\Users\Public\Desktop\TeXstudio.lnk
2014-07-05 23:17 - 2014-07-05 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXstudio
2014-07-05 23:17 - 2014-07-05 23:16 - 00000000 ____D () C:\Program Files\TeXstudio
2014-07-05 23:15 - 2010-06-30 12:10 - 00000000 ____D () C:\Users\Klopapier\AppData\Roaming\MiKTeX
2014-07-05 23:15 - 2010-06-30 12:10 - 00000000 ____D () C:\Users\Klopapier\AppData\Local\MiKTeX
2014-07-05 23:15 - 2010-06-30 11:57 - 00000000 ____D () C:\ProgramData\MiKTeX
2014-07-05 13:48 - 2012-10-20 00:56 - 00000000 ____D () C:\Users\Klopapier\AppData\Local\Paint.NET
2014-07-05 13:12 - 2013-09-01 15:37 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-05 13:05 - 2014-07-05 13:05 - 00017184 _____ () C:\Windows\system32\XMLOperations.xml

Some content of TEMP:
====================
C:\Users\Klopapier\AppData\Local\Temp\avgnt.exe
C:\Users\Klopapier\AppData\Local\Temp\deletetemp.exe
C:\Users\Klopapier\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphnresg.dll
C:\Users\Klopapier\AppData\Local\Temp\htmllite.dll
C:\Users\Klopapier\AppData\Local\Temp\Installer.exe
C:\Users\Klopapier\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-03 09:49

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

und Addition.txt:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version:2-08-2014
Ran by Klopapier at 2014-08-03 12:26:41
Running from C:\Users\Klopapier\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AAC Decoder (HKLM\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Ahnenblatt 2.70 (HKLM\...\Ahnenblatt_is1) (Version: 2.70.0.0 - Dirk Boettcher)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Borderlands (HKLM\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 5.10.38.14 - Broadcom Corporation)
Calc 3D Pro Deutsch 2.1.7 (HKLM\...\Calc 3D Pro_is1) (Version: 2.1.7 - )
Cinergy T USB XE (MKII) V6.09.28.05b (HKLM\...\Cinergy T USB XE (MKII)) (Version: 6.09.28.05b - )
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crystal Reports for Visual Studio (Version: 12.51.0.240 - SAP) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Diablo II (HKLM\...\Diablo II) (Version:  - Blizzard Entertainment)
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.2 - DivX, Inc.)
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
Dotfuscator Software Services - Community Edition - DEU (HKLM\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dotfuscator Software Services - Community Edition (HKLM\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
File Type Advisor 1.4 (HKLM\...\File Type Advisor_is1) (Version:  - filetypeadvisor.com)
FL Studio 10 (HKLM\...\FL Studio 10) (Version:  - Image-Line)
Free Audio CD Burner version 1.4.7 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free M4a to MP3 Converter 8.1 (HKLM\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Studio version 4.8 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
H.264 Decoder (HKLM\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.1.0 - DivX, Inc.)
Hewlett-Packard Active Check for Health Check (Version: 1.1.15.2 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.64.0 - HP) Hidden
HP Active Support Library (Version: 3.1.6.1 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.0.0 - Hewlett-Packard Company)
HP MediaSmart DVD (HKLM\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.0.2126 - Hewlett-Packard)
HP MediaSmart DVD (Version: 2.0.2126 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2125 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (Version: 2.0.2125 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}) (Version: 2.0.8 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.0926 - Hewlett-Packard)
HP MediaSmart Webcam (Version: 2.0.0926 - Hewlett-Packard) Hidden
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)
HP User Guides 0128 (HKLM\...\{07A5026D-5F9F-43D1-9073-C2F882D417E7}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPTCSSetup (HKLM\...\{30D3B7BC-5798-45D9-822D-05CA18F39E99}) (Version: 1.1.1955.2793 - Hewlett-Packard Company)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6087.0 - IDT)
IL Download Manager (HKLM\...\IL Download Manager) (Version:  - Image-Line)
Inkscape 0.48.3.1 (HKLM\...\Inkscape) (Version: 0.48.3.1 - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.30 - Irfan Skiljan)
JDownloader (HKLM\...\JDownloader) (Version: 0.89 - AppWork UG (haftungsbeschränkt))
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.18.07 - JMicron Technology Corp.)
League of Legends (HKLM\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MATLAB R2011a (HKLM\...\MatlabR2011a) (Version: 7.12 - The MathWorks, Inc.)
Medieval II Total War (HKLM\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Messenger Plus! 5 (HKLM\...\Messenger Plus!) (Version: 1.0.1.102 - Yuna Software)
Messenger Plus! Live (HKLM\...\Messenger Plus! Live) (Version: 4.90.0.392 - Yuna Software)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - DEU (HKLM\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{1C2B3CEA-482E-4453-B3E2-C9731337828A}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM\...\{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM\...\{92C5C058-E941-47C3-B7E8-38A79C605969}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM\...\{9C3B8582-A72A-4835-8903-877A834407BB}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{D074DC76-F6C9-440E-A1D0-1DE958417FDB}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) de (HKLM\...\{DB0AF767-7CC7-4E4D-B6BE-A200F20A2FB1}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM\...\{03A4C6A1-26E9-4DDB-81D9-B332E5BB10AD}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x86) de (HKLM\...\{EAF7B35C-DCBE-4032-9ABF-C35C43D07124}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) de (HKLM\...\{D6A6CFAD-CD86-482B-90D1-6FCC4E252ACD}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x86) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Performance Collection Tools - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Ultimate - DEU (HKLM\...\Microsoft Visual Studio 2010 Ultimate - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MKV Splitter (HKLM\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.1 - DivX, Inc.)
Mobile Partner Manager (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA PhysX v8.10.29 (HKLM\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)
O&O Defrag Free Edition (HKLM\...\{E29CFB36-F070-4612-8DB5-7038161B6294}) (Version: 14.1.431 - O&O Software GmbH)
OpenOffice.org 3.2 (HKLM\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
PDoD Uninstallation (HKLM\...\{B5A4D5A1-7646-4EA9-9D30-3368A736A791}_is1) (Version: 0.2.1 - SickMafia)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2119 - CyberLink Corp.)
Power2Go (Version: 6.0.2119 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2119 - CyberLink Corp.)
PowerDirector (Version: 7.0.2119 - CyberLink Corp.) Hidden
ProtectSmart Hard Drive Protection (HKLM\...\{CB71A20E-B1B4-4562-81FA-33E1DBD0342F}) (Version: 3.10 A7 - Hewlett-Packard)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Python 3.1 pygame-1.9.1 (HKLM\...\{23682768-0E25-461F-990B-8DFF1B701903}) (Version: 1.9.1 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 3.1.4 (HKLM\...\{1ACA3135-BA08-41a9-8019-9BFA2BD1C4EE}) (Version: 3.1.4150 - Python Software Foundation)
R for Windows 2.13.0 (HKLM\...\R for Windows 2.13.0_is1) (Version: 2.13.0 - R Development Core Team)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
RStudio (HKLM\...\RStudio) (Version: 0.93.89 - RStudio)
Secure Download Manager (HKLM\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Sentinel Protection Installer 7.6.6 (HKLM\...\{8C2218AC-D1B1-4530-9E67-15164E0E52AB}) (Version: 7.6.6 - SafeNet, Inc.)
Service Pack 1 für SQL Server 2008 (KB 968369) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Solid Edge V20 (HKLM\...\{886F91D5-4B45-45DC-938E-6B0276C6B015}) (Version: 20.00.0096 - UGS)
SolidWorks 2010 SP0 (HKLM\...\{AF2066F6-7C57-46A1-A306-077EBBFC7B2B}) (Version: 18.100.5035 - SolidWorks)
Sony Ericsson Update Engine (HKLM\...\Update Engine) (Version: 2.12.15.18 - Sony Ericsson Communications AB)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.18.0 - Synaptics)
Tag - IGF Professional 2008 (HKLM\...\{1446A30C-6DAF-461E-96B1-31C554870082}_is1) (Version:  - DigiPen Institute of Technology)
TeamSpeak 2 RC2 (HKLM\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TerraTec Home Cinema (HKLM\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.15.11 - )
TeXnicCenter Version 1.0 Stable RC1 (HKLM\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
TeXstudio 2.8.0 (HKLM\...\TeXstudio_is1) (Version: 2.8.0 - Benito van der Zander)
Text2Speech (HKCU\...\0ac7d207f51cb75e) (Version: 1.0.2.4 - Text2Speech)
TextPad 6 (HKLM\...\{3F04067F-0DA5-4F48-9A89-6FCFD2A9E040}) (Version: 6.1.3 - Helios)
TeXworks 0.4.5 (HKLM\...\{41DA4817-4D2A-4D83-AD02-6A2D95DC8DCB}_is1) (Version:  - TeX Users Group)
TmNationsForever (HKLM\...\TmNationsForever_is1) (Version:  - Nadeo)
Torchlight (HKLM\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD)
Torchlight German Patch (HKLM\...\{27B1B784-67A7-452B-A8FF-467E8ADAA8E9}) (Version: 1.0.0 - JoWooD)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{9AA2D735-3375-42D4-9A61-3FFEF82599D6}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0 - DivX, Inc) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Winamp (HKLM\...\Winamp) (Version: 5.56  - Nullsoft, Inc)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Live OneCare safety scanner (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) (HKLM\...\7DE39862CC26DCE2446838AAF7CD5C163F835A57) (Version: 09/04/2008 2.6.0.0 - ENE)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Wood Workshop (HKLM\...\{7AACE39E-A19F-468A-B130-6DBA27203075}) (Version: 1.01.0574 - Spiral Graphics Inc.)
Z-Plot 1.02 (HKLM\...\Z-Plot_is1) (Version:  - Reinhard Nopper)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\KLOPAP~1\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe  (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{ABECE8A0-FF84-4efb-82AE-9B3181CE097D}\InprocServer32 -> C:\Program Files\TextPad 6\System\shellext32.dll (Helios Software Solutions)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-44494119-3696041132-2777540171-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

05-07-2014 13:27:16 Geplanter Prüfpunkt
15-07-2014 19:52:17 Geplanter Prüfpunkt
16-07-2014 21:29:19 Windows Update
18-07-2014 19:59:36 Geplanter Prüfpunkt
18-07-2014 20:46:21 Removed Yahoo Community Smartbar
21-07-2014 10:01:57 Geplanter Prüfpunkt
23-07-2014 20:07:38 Geplanter Prüfpunkt
24-07-2014 15:06:47 Windows Update
26-07-2014 23:56:12 Geplanter Prüfpunkt
31-07-2014 22:11:47 Removed Yahoo Community Smartbar
02-08-2014 11:47:10 Revo Uninstaller's restore point - Media Player Codec Pack 4.2.4
02-08-2014 11:51:27 Revo Uninstaller's restore point - Java 7 Update 45
02-08-2014 11:51:50 Removed Java 7 Update 45
02-08-2014 11:56:24 Revo Uninstaller's restore point - Java(TM) 6 Update 18
02-08-2014 11:56:42 Removed Java(TM) 6 Update 18
02-08-2014 12:01:40 Revo Uninstaller's restore point - Java(TM) 6 Update 33
02-08-2014 12:02:15 Removed Java(TM) 6 Update 33
02-08-2014 12:07:12 Revo Uninstaller's restore point - Java(TM) 6 Update 7
02-08-2014 12:10:32 Revo Uninstaller's restore point - Plus-HD-V1.4
02-08-2014 12:11:41 Revo Uninstaller's restore point - Jet
02-08-2014 12:13:19 Revo Uninstaller's restore point - Jet Browser version 0.2.0.7
02-08-2014 12:16:32 Revo Uninstaller's restore point - Yahoo Community Smartbar
02-08-2014 12:19:13 Revo Uninstaller's restore point - Jet
02-08-2014 14:15:02 Revo Uninstaller's restore point - Jet

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {13C0B272-F162-430E-A096-842CD9619C84} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-11 No Task File <==== ATTENTION
Task: {1A927772-32E3-47F9-BEA3-36833B8BEC71} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-4 No Task File <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {28961A71-547C-4C9F-B5A0-087250F8A808} - System32\Tasks\FileAdvisorCheck => C:\Program Files\File Type Advisor\file-type-advisor.exe [2013-09-04] (filetypeadvisor.com                                         )
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {42667E16-A642-42F0-A9A4-94B81DC0ED25} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4C8EBDAD-CD61-488F-97BB-270DD36AB6A6} - System32\Tasks\FileAdvisorUpdate => C:\Program Files\File Type Advisor\fileadvisor.exe [2013-09-04] (File Type Advisor)
Task: {64FBCE57-FAF3-45A0-AE62-6FF51853C011} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-5_user No Task File <==== ATTENTION
Task: {65C1515D-0C9A-429B-AE7D-03EF8860742A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {69DD4939-36D9-416B-B4F2-7C7EDEB57978} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {8D123D67-E07F-45C9-96F9-1C1792B1F7D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-18] (Google Inc.)
Task: {9376E2F1-2A8E-4163-B46C-728942ACA8E1} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-3 No Task File <==== ATTENTION
Task: {9DAE4B3A-F4BE-40BC-A116-854C7C6C6DFB} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {A0D47484-A684-4E15-9C3C-9457B197761D} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-2 No Task File <==== ATTENTION
Task: {B5565F8A-CEC3-43AC-9DD6-AC7CAF3A1D79} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {C3F5613D-DD76-4AA5-8C47-BC66F7EEE52E} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {C710E864-BB93-45AB-90F3-E87C349CF9B0} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-1 No Task File <==== ATTENTION
Task: {CD25E0CD-DD68-4DEA-9590-16FB1485C399} - System32\Tasks\Herunterfahren => C:\Windows\System32\shutdown.exe [2008-01-21] (Microsoft Corporation)
Task: {E3E6C7C2-DBEB-44C4-A048-0FA10F753BB1} - System32\Tasks\{CDDE9153-0BEA-4B1A-9EBB-2472B2E209D0} => C:\Program Files\Skype\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {E4F1A730-A128-4E4C-8463-16DAE064F4A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-18] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EBFE465D-A966-4F23-8836-9DD8E604D5DF} - \7aa6a5aa-af41-4ea2-b7d5-1eeef08edaab-5 No Task File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-07-04 23:32 - 2010-07-04 23:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2008-10-22 10:02 - 2008-09-23 12:18 - 00365904 _____ () C:\Program Files\SMINST\BLService.exe
2008-10-22 10:02 - 2008-09-23 12:18 - 00132432 _____ () C:\Program Files\SMINST\STWmiM.dll
2008-10-22 09:54 - 2008-06-30 01:10 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2008-09-25 19:42 - 2008-09-25 19:42 - 00881960 ____N () C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2010-09-19 18:14 - 2010-07-16 09:49 - 00252784 _____ () C:\Program Files\Mobile Partner Manager\AssistantServices.exe
2009-07-01 18:37 - 2009-07-01 18:37 - 00037888 _____ () C:\Program Files\Winamp\winampa.exe
2010-09-19 18:14 - 2010-07-16 09:51 - 00138584 _____ () C:\Program Files\Mobile Partner Manager\UIExec.exe
2010-07-04 21:51 - 2010-07-04 21:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
2014-08-03 09:44 - 2014-08-03 09:44 - 00043008 _____ () c:\Users\Klopapier\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphnresg.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Klopapier\AppData\Roaming\Dropbox\bin\libcef.dll
2008-10-22 09:13 - 2008-04-11 09:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
2014-06-19 00:41 - 2014-06-19 00:41 - 03022960 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll
2014-06-19 00:41 - 2014-06-19 00:41 - 00158832 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-19 00:41 - 2014-06-19 00:41 - 00023152 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-08-01 11:58 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/03/2014 00:25:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST.exe, Version 2.8.2014.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1220
Anfangszeit: 01cfaf03315b8a3a
Zeitpunkt der Beendigung: 34

Error: (08/03/2014 00:10:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung plugin-container.exe, Version 31.0.0.5310, Zeitstempel 0x53c75e91, fehlerhaftes Modul mozalloc.dll, Version 31.0.0.5310, Zeitstempel 0x53c72e91, Ausnahmecode 0x80000003, Fehleroffset 0x0000141b,
Prozess-ID 0x1144, Anwendungsstartzeit plugin-container.exe0.

Error: (08/02/2014 06:41:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.0.532 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1114
Anfangszeit: 01cfae6012f22cde
Zeitpunkt der Beendigung: 21

Error: (08/02/2014 04:15:01 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {f15277f5-832c-4d93-804a-caf2c97faa77}

Error: (08/02/2014 03:49:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.0.532 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1308
Anfangszeit: 01cfae4dd2c2c4be
Zeitpunkt der Beendigung: 8

Error: (08/02/2014 02:19:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:16:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:13:14 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:11:41 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:10:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}


System errors:
=============
Error: (08/03/2014 09:45:09 AM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: Das Gerät "JMB38X xD Host Controller" (PCI\VEN_197B&DEV_2384&SUBSYS_3603103C&REV_00\4&2bbd3a19&0&04E4) wurde ohne vorbereitende Maßnahmen vom System entfernt.

Error: (08/03/2014 09:45:08 AM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: Das Gerät "JMB38X MS Host Controller" (PCI\VEN_197B&DEV_2383&SUBSYS_3603103C&REV_00\4&2bbd3a19&0&03E4) wurde ohne vorbereitende Maßnahmen vom System entfernt.

Error: (08/03/2014 09:45:08 AM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: Das Gerät "JMB38X SD Host Controller" (PCI\VEN_197B&DEV_2381&SUBSYS_3603103C&REV_00\4&2bbd3a19&0&02E4) wurde ohne vorbereitende Maßnahmen vom System entfernt.

Error: (08/03/2014 09:45:08 AM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: Das Gerät "JMB38X SD/MMC Host Controller" (PCI\VEN_197B&DEV_2382&SUBSYS_3603103C&REV_00\4&2bbd3a19&0&01E4) wurde ohne vorbereitende Maßnahmen vom System entfernt.

Error: (08/03/2014 09:41:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/02/2014 02:33:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (08/02/2014 02:27:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/02/2014 00:47:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (08/02/2014 00:41:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/02/2014 10:30:34 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update


Microsoft Office Sessions:
=========================
Error: (08/03/2014 00:25:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST.exe2.8.2014.0122001cfaf03315b8a3a34

Error: (08/03/2014 00:10:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141b114401cfaef0959b1faa

Error: (08/02/2014 06:41:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.532111401cfae6012f22cde21

Error: (08/02/2014 04:15:01 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {f15277f5-832c-4d93-804a-caf2c97faa77}

Error: (08/02/2014 03:49:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.532130801cfae4dd2c2c4be8

Error: (08/02/2014 02:19:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:16:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:13:14 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:11:41 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}

Error: (08/02/2014 02:10:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {755d2d2b-bb28-4862-a8e9-e159f083f936}


CodeIntegrity Errors:
===================================
  Date: 2014-08-03 12:26:34.939
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-03 12:26:34.319
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-03 12:26:33.216
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-03 12:26:32.391
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-03 12:26:31.110
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-03 12:26:30.318
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-03 12:26:29.617
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-03 12:26:29.042
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-03 12:14:18.149
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-03 12:14:17.302
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 52%
Total physical RAM: 3068.27 MB
Available physical RAM: 1457.82 MB
Total Pagefile: 6368.77 MB
Available Pagefile: 4286.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.82 MB

==================== Drives ================================

Drive c: (C) (Fixed) (Total:287.49 GB) (Free:113.81 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.6 GB) (Free:1.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: () (Removable) (Total:29.8 GB) (Free:29.11 GB) FAT32
Drive h: (ERMIS_STICK) (Removable) (Total:3.71 GB) (Free:3.42 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 149FF503)
Partition 1: (Active) - (Size=287 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================

Ob jetzt alles geht, lässt sich schlecht sagen, weil ich nicht weiß, wie die "Ladewut" getriggert wird.

Mein Mitbewohner lässt allerdings anfragen, ob man irgendwie einfach den Router auf Fehler überprüfen kann, aus Sorge, dass sich vllt in unserem Netzwerk was eingenistet hat. Hast du da vielleicht eine Idee?
Sein Vorschlag war, einfach Router resetten, dann passt das schon.
Lg

Edit:
Die anderen Suchergebnisse vom vorherigen Suchlauf bei MBAM waren übrigens zweimal vom "unlocker" und zweimal vom "WLAN-key viewer für Windows vista". Einmal war da auch noch ein Toolbarding drin, was dann in Quarantäne und somit weg ist. Das GlobalUpdate.A wie oben war da auch bei, hatte also beim vorvorletzten MBAM Durchlauf (der erste bei dem auch Root mit einbezogen wurde) 6 Funde.

deeprybka · 03.08.2014, 11:46

Hi,
nö denke nicht dass da was im Netzwerk ist. Ich persönlich lasse auch immer die Finger vom Router, das wäre nämlich ein "GAU" ohne Internet zu sein...

Ist das Problem mit welchem Du zu uns gekommen bist gelöst? Das war ja die Frage?

Ichkaufpferd · 03.08.2014, 11:53

Zitat:

Ist das Problem mit welchem Du zu uns gekommen bist gelöst? Das war ja die Frage?

Dass mein Browser den Anfall kriegt und wütend ganz oft 98uj8.de/... öffnet?
Kann ich wahrscheinlich erst in ein paar Wochen sicher sagen, weil ich nicht weiß, wie ich das triggern könnte. Das erste Mal ist das vor drei Tagen passiert. Nach dem Neustart war der Spuk vorbei. Dann ist es halt gestern nochmal passiert. Nach einem Neustart war der Spuk auch dann wieder vorbei. Seit dem ist es nicht mehr passiert.
Wenn ich wüsste wie ich die Ladewut hervorrufen könnte, kann ich dir auch sicher sagen, dass es nichtmehr passiert

Dennoch schonmal: vielen Dank für alles!

Lg

Den Router werden wir dann vielleicht einfach so mal resetten und auf Auslieferungszustand setzen. Das sollte uns ja nicht vom Internet abschneiden können

deeprybka · 03.08.2014, 11:59

OK,

Lade dir

TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.

Öffne die TFC.exe.
Vista und Win 7 User mit Rechtsklick "als Administrator starten".
Schließe alle anderen Programme.
Drücke auf den Button Start.
Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.

Java installieren.

Flash-Link mit dem Firefox aufrufen. Flash installieren = aktualisieren. Optionale Angebote beim Download ablehnen.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:

Combofix-Deinstallation.

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Ja! Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

>>clean<<
Wir haben es geschafft!

Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.

Wie kann ich mich in Zukunft besser schützen?

Tipps, Dos & Don'ts

Updates & Software

Beim Betriebsystem Windows die automatischen Updates aktivieren.

Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
Flash-Player & PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Firewall, Antivirus & Co.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.
Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. (Updatefunktion aktivieren!)
Meine Empfehlungen:
Kaspersky Antivirus
Emsisoft Anti-Malware
avast Free Antivirus
Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Cracks, Downloads & Co.

Neben unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.
Der Besuch dubioser Websites kann bereits Risiken bergen. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher und beliebter Weg um Malware zu verbreiten.
Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kann man nie sicher sein, ob auch wirklich drin ist, was drauf steht. (Trojanisches Pferd^^)

Auch virustotal.com ist Dein Freund! Lade dubiose oder unbekannte Dateien hoch, bevor Du diese startest oder installierst.

Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden zu verleiten, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).

Surfe daher mit Vorsicht und klicke mit Verstand.
Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von Dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo Deine Daten eingeben.
Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst Du von einem Deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und Du solltest nicht denselben Fehler machen.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.

Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:

Erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Ichkaufpferd · 03.08.2014, 13:11

Hab ich alles gemacht, danke auch an dieser Stelle

http://www.trojaner-board.de/157187-...ml#post1339282
Lg

Browser öffnet 98.uj8.de/(gleiche Seite wie bei vielen anderen auch) von alleine.

Plagegeister aller Art und deren Bekämpfung: Browser öffnet 98.uj8.de/(gleiche Seite wie bei vielen anderen auch) von alleine.