"bat=exe" Fehlermeldungen bei Windows 7 Start

0815Horst · 22.08.2014, 13:36

Hallo Leute,

ein Laptop von einen bekannten bekommt beim Starten ca 15 cmd Fenster und die Fehlermeldung:

"bat=exe" konnte nicht gefunden werden. Stellen Sie sicher, dass Sie den Namen richtig eingegeben haben und wiederholen Sie den Vorgang"

Dieses kann man dann ca 15x mit OK Bestätigen und dann kann man den PC nutzen.

System inst Windows 7 64 Bit.

Eine Systemwiederherstellung von Windows war ohne Erfolg, selbst 1 Monat in der Vergangenheit behebt das Problem nicht.

Was kann ich tun?

#
FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2014
Ran by Manni (administrator) on LAPPI-MANNI on 22-08-2014 14:52:25
Running from C:\Users\Manni\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-11-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [T-Home Dialerschutz-Software] => C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe [1974408 2010-03-29] (T-Systems International GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-29] (Easybits)
HKLM-x32\...\Run: [fst_de_82] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-06-24] (Hewlett-Packard)
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\Run: [ISUSPM Startup] => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\Run: [PriceMeterW] => "C:\Users\Manni\AppData\Local\PriceMeter\pricemeterw.exe"
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\MountPoints2: {0f29d6a1-9c88-11e0-ae2c-c80aa93671f0} - G:\LaunchU3.exe -a
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\MountPoints2: {b1e45b6b-1b28-11e1-ba22-c80aa93671f0} - G:\iStudio.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rocket-find.com/?f=1&a=rckt_ir_14_27_ff&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtAyB0CtAyDtAyB0FyEyBtN0D0Tzu0SzytCyBtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CyBtBtA0EyBzztG0CyEyBtBtG0D0DyDyBtGyByD0E0CtGtCtDtCyEtDtC0ByC0C0D0F0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0FyBtDtDyE0EtCtGyE0DzzzztG0FyB0CtAtGtDyEzy0AtGtCyByEtA0BzztD0FtA0FyByD2Q&cr=464099971&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=DE&userid=6a204f59-994d-40ab-b68c-d9bdaffa677b&searchtype=ds&q={searchTerms}&installDate={installDate}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=DE&userid=6a204f59-994d-40ab-b68c-d9bdaffa677b&searchtype=ds&q={searchTerms}&installDate={installDate}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tmpl=8&tb_id=60368
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?tmpl=8&TbId=60368
URLSearchHook: HKLM-x32 - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - No File
URLSearchHook: HKCU - Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10053&barid={EC832BE0-0DA5-11E3-9493-C80AA93671F0}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_ir_14_27_ff&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtAyB0CtAyDtAyB0FyEyBtN0D0Tzu0SzytCyBtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CyBtBtA0EyBzztG0CyEyBtBtG0D0DyDyBtGyByD0E0CtGtCtDtCyEtDtC0ByC0C0D0F0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0FyBtDtDyE0EtCtGyE0DzzzztG0FyB0CtAtGtDyEzy0AtGtCyByEtA0BzztD0FtA0FyByD2Q&cr=464099971&ir=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=DE&userid=6a204f59-994d-40ab-b68c-d9bdaffa677b&searchtype=ds&q={searchTerms}&installDate={installDate}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_ir_14_27_ff&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtAyB0CtAyDtAyB0FyEyBtN0D0Tzu0SzytCyBtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CyBtBtA0EyBzztG0CyEyBtBtG0D0DyDyBtGyByD0E0CtGtCtDtCyEtDtC0ByC0C0D0F0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0FyBtDtDyE0EtCtGyE0DzzzztG0FyB0CtAtGtDyEzy0AtGtCyByEtA0BzztD0FtA0FyByD2Q&cr=464099971&ir=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=5E7FF07BCB37C353&affID=119557&tsp=4962
SearchScopes: HKCU - {16ED00DE-DF19-4BC9-9E03-52C3121B7124} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP76F65E04-BF3E-4CAD-B520-C67C175B67EE&q={searchTerms}&SSPV=
SearchScopes: HKCU - {8E25DF21-98F1-47A6-A2A4-3C261D916603} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7AURU_deDE498
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid={EC832BE0-0DA5-11E3-9493-C80AA93671F0}&crg=3.5000006.10053&st=23
BHO: video MediaPlay-Air -> {11111111-1111-1111-1111-110511951199} -> C:\Program Files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll No File
BHO: Cinema-Plus-1.2 -> {11111111-1111-1111-1111-110611051148} -> C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho64.dll (Cinema Plus)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Cinema-Plus-1.2 -> {11111111-1111-1111-1111-110611051148} -> C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho.dll (Cinema Plus)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {990af1c2-5a27-4460-8149-ecc6bc122af3} ->  No File
BHO-x32: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: PricePeep -> {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -> C:\Program Files (x86)\PricePeep\pricepeep.dll No File
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} -  No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} -  No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} -  No File
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
Hosts: 127.0.0.1			d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515
FF DefaultSearchEngine: qone8
FF SelectedSearchEngine: qone8
FF Homepage: hxxp://start.qone8.com/?type=hppp&ts=1404975844&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qone8.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Cinema-Plus-1.2 - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\d55cd0d7-9f24-4660-95b3-188599e8e4f8@6b2faf04-e86f-4bcf-a878-632814acf518.com [2014-07-11]
FF Extension: video MediaPlayer - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com [2014-07-11]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By Sweetpacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2014-08-01]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-07-13]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By Sweetpacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF [2014-04-01]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\z0xngxin.default\extensions\quick_start@gmail.com
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (YouTube) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Google Search) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Boost) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\igckfjdcbkimejmjmpmebffdjjjgncfn [2014-07-04]
CHR Extension: (Cinema-Plus-1.2) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikpbmdkdomofnnkcaoepabekgkedfhom [2014-07-10]
CHR Extension: (No Name) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb [2013-11-29]
CHR Extension: (Norton Identity Protection) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-06-07]
CHR Extension: (Google Wallet) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2013-08-26]
CHR Extension: (Gmail) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx [2011-12-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 DFSVC; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe [376832 2009-10-21] (T-Systems International GmbH) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-10] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-10] (globalUpdate) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]
S2 Update findopolis; "C:\Program Files (x86)\findopolis\updatefindopolis.exe" [X]
S2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R3 DFSYS; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS [17952 2009-10-15] (T-Systems International GmbH)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-13] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-13] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140730.002\IDSvia64.sys [525016 2014-03-31] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\ENG64.SYS [126040 2014-07-18] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\EX64.SYS [2099288 2014-07-18] (Symantec Corporation)
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI64.sys [28192 2009-10-15] (T-Systems International GmbH)
S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-31] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 TridVid; C:\Windows\System32\DRIVERS\TridVid6010.sys [287488 2010-10-10] (10Moons Technologies Co.,Ltd)
R1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64; C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys [61112 2014-07-04] (StdLib)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-22 14:52 - 2014-08-22 14:52 - 00033033 _____ () C:\Users\Manni\Desktop\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:48 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe
2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk
2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 13:30 - 2014-08-22 14:52 - 00000000 ____D () C:\FRST
2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3)
2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist
2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp
2014-07-31 10:04 - 2014-07-31 10:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-24 13:12 - 2014-07-25 16:22 - 00000000 ____D () C:\Users\Manni\martin
2014-07-23 11:10 - 2014-07-23 11:10 - 00000000 ____D () C:\ProgramData\SSScanAppDataDir
2014-07-23 11:10 - 2014-07-23 11:10 - 00000000 ____D () C:\ProgramData\MSScanAppDataDir
2014-07-23 11:00 - 2014-07-23 11:00 - 00001140 _____ () C:\Users\Manni\Desktop\Continue Zip Extractor Installation.lnk
2014-07-23 10:52 - 2014-07-30 09:52 - 00000000 ____D () C:\Users\Manni\Desktop\Arbeitssicherheit

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-22 14:52 - 2014-08-22 14:52 - 00033033 _____ () C:\Users\Manni\Desktop\FRST.txt
2014-08-22 14:52 - 2014-08-22 13:30 - 00000000 ____D () C:\FRST
2014-08-22 14:52 - 2009-07-14 06:51 - 01005075 _____ () C:\Windows\setupact.log
2014-08-22 14:48 - 2014-08-22 14:45 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe
2014-08-22 14:44 - 2011-02-15 18:33 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-22 14:43 - 2012-05-31 18:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-22 14:38 - 2011-06-14 09:07 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A8B97CD3-7C97-48E7-8FFF-7B2BF938225D}
2014-08-22 14:22 - 2010-03-18 02:27 - 01486302 _____ () C:\Windows\WindowsUpdate.log
2014-08-22 14:20 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-22 14:20 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-22 14:13 - 2014-07-10 21:44 - 00001460 _____ () C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5_user.job
2014-08-22 14:13 - 2014-07-10 21:44 - 00001442 _____ () C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.job
2014-08-22 14:13 - 2014-07-10 21:43 - 00001562 _____ () C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-1.job
2014-08-22 14:13 - 2014-07-10 21:43 - 00001360 _____ () C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2.job
2014-08-22 14:13 - 2014-07-10 21:42 - 00002202 _____ () C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4.job
2014-08-22 14:13 - 2014-07-04 15:36 - 00000934 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-08-22 14:13 - 2014-06-11 19:11 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-22 14:13 - 2011-02-15 18:33 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-22 14:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-22 13:56 - 2011-11-01 15:32 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-22 13:56 - 2010-12-08 16:29 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk
2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 12:41 - 2014-05-06 22:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-22 12:41 - 2010-11-02 13:50 - 00000000 ____D () C:\Users\Manni
2014-08-22 12:39 - 2014-07-14 16:05 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-08-22 12:39 - 2014-07-04 15:31 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-08-22 12:39 - 2014-05-30 17:05 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-08-22 12:39 - 2014-03-31 17:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-08-22 12:39 - 2014-01-21 13:02 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-22 12:39 - 2011-06-08 14:39 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-08-22 12:39 - 2010-03-18 02:43 - 00000000 ____D () C:\ProgramData\Norton
2014-08-22 12:39 - 2009-11-15 02:15 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-22 12:38 - 2014-07-08 20:15 - 00000000 ____D () C:\Program Files (x86)\F978377C-B7D4-4536-8E10-14CA97B13394
2014-08-22 12:38 - 2011-01-14 13:10 - 00000000 ____D () C:\Program Files (x86)\Inbox Toolbar
2014-08-22 12:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-22 12:31 - 2013-07-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-18 15:47 - 2012-06-17 14:17 - 00000000 ____D () C:\Users\Manni\Sigrid_Rezepte
2014-08-15 15:32 - 2010-11-03 15:21 - 00000000 ____D () C:\Users\Manni\Kegeln
2014-08-14 22:49 - 2013-08-14 18:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-10 08:46 - 2013-10-21 17:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3)
2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist
2014-08-05 19:09 - 2010-11-13 15:30 - 00000000 ____D () C:\Users\Manni\FZ
2014-08-05 11:30 - 2014-05-30 17:01 - 00000000 ____D () C:\temp
2014-08-01 12:39 - 2013-11-29 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp
2014-07-31 17:36 - 2011-06-16 16:24 - 00000000 ____D () C:\Windows\Minidump
2014-07-31 17:36 - 2011-06-16 16:23 - 315134067 _____ () C:\Windows\MEMORY.DMP
2014-07-31 16:44 - 2013-12-29 09:58 - 00000000 ____D () C:\ProgramData\Easybits Magic Desktop for HP
2014-07-31 15:47 - 2014-07-10 21:42 - 00000938 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-31 10:06 - 2014-07-31 10:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 09:52 - 2014-07-23 10:52 - 00000000 ____D () C:\Users\Manni\Desktop\Arbeitssicherheit
2014-07-29 19:48 - 2010-03-18 02:29 - 02143880 _____ () C:\Windows\PFRO.log
2014-07-25 17:58 - 2011-07-07 08:44 - 00000000 ____D () C:\Users\Manni\Aktuell
2014-07-25 16:22 - 2014-07-24 13:12 - 00000000 ____D () C:\Users\Manni\martin
2014-07-25 07:23 - 2014-07-04 16:10 - 00000000 ____D () C:\ProgramData\374311380
2014-07-24 22:35 - 2014-06-19 16:49 - 00000000 ____D () C:\Users\Manni\Desktop\Neuer Ordner
2014-07-24 22:35 - 2011-08-28 16:09 - 01024000 ___SH () C:\Users\Manni\Desktop\Thumbs.db
2014-07-24 22:28 - 2013-03-14 19:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 22:28 - 2009-11-14 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 22:12 - 2013-03-17 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 08:05 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-23 11:10 - 2014-07-23 11:10 - 00000000 ____D () C:\ProgramData\SSScanAppDataDir
2014-07-23 11:10 - 2014-07-23 11:10 - 00000000 ____D () C:\ProgramData\MSScanAppDataDir
2014-07-23 11:00 - 2014-07-23 11:00 - 00001140 _____ () C:\Users\Manni\Desktop\Continue Zip Extractor Installation.lnk

Some content of TEMP:
====================
C:\Users\Manni\AppData\Local\Temp\nsc986.exe
C:\Users\Manni\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-02-25 16:11

==================== End Of Log ============================

--- --- ---

--- --- ---

#FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2014
Ran by Manni at 2014-08-22 14:56:04
Running from C:\Users\Manni\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Online (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
1400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
1400_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD USB Filter Driver (HKLM-x32\...\{5271C0D4-24E4-4C3D-A782-C012033FD3CF}) (Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0804.2223.38385 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help English (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help French (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help German (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0804.2223.38385 - ATI) Hidden
Cinema-Plus-1.2 (HKLM-x32\...\Cinema-Plus-1.2) (Version: 1.34.7.1 - Cinema Plus)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2111 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3325 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 4.1.3325 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1005 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.1.1005 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2130 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2130 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2201 - CyberLink Corp.) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.2 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.7.0 - )
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardcopy (C:\Program Files (x86)\Hardcopy) (HKLM-x32\...\Hardcopy(C__Program Files (x86)_Hardcopy)) (Version: 2011.02.12 - www.hardcopy.de)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
Inbox Toolbar (HKLM-x32\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 1.0.0 - Inbox.com, Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Java(TM) 6 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416015FF}) (Version: 6.0.150 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2111 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}) (Version: 7.0.43.11502 - muvee Technologies Pte Ltd)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2202 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
T-Home Dialerschutz-Software (HKLM-x32\...\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}) (Version:  - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

01-08-2014 10:46:54 Windows Update
10-08-2014 06:42:14 Installed Java 7 Update 67
10-08-2014 10:13:07 Removed Java(TM) SE Development Kit 6 Update 15 (64-bit)
14-08-2014 20:31:17 Windows Update
22-08-2014 10:06:54 Wiederherstellungsvorgang
22-08-2014 11:42:31 Revo Uninstaller's restore point - Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:44:55 Removed Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:55:33 Revo Uninstaller's restore point - Search Protect
22-08-2014 11:59:40 Revo Uninstaller's restore point - video MediaPlay-Air
22-08-2014 12:26:18 Revo Uninstaller's restore point - GMX Desktop Icons
22-08-2014 12:39:18 Revo Uninstaller's restore point - GMX MailCheck für Internet Explorer
22-08-2014 12:41:38 Revo Uninstaller's restore point - GMX Softwareaktualisierung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-07-05 15:53 - 00000867 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1			d3oxij66pru1i3.cloudfront.net

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00A2143C-288B-4611-88E8-4AEFCC12549C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {0315E158-5D1B-4C24-B7BD-CB737D944E07} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {0E27F6A1-8900-45BF-B630-C819492F06C2} - System32\Tasks\cocwrgcn => C:\Users\Manni\AppData\Local\cocwrgcn.bat [2014-07-07] ()
Task: {12A909A7-A915-4690-93E4-8C739E117D95} - System32\Tasks\wfodnof => C:\Users\Manni\AppData\Local\wfodnof.bat
Task: {13C0A6FB-F1D8-45E9-BE95-CB694C9EF0C8} - System32\Tasks\koswc => C:\Users\Manni\AppData\Local\koswc.bat [2014-07-07] ()
Task: {1B68DDFB-4D08-408E-AD58-0DC7C1D78011} - System32\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5_user => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.exe [2014-07-10] (Cinema Plus)
Task: {1E334E91-4473-4C00-95BF-1523CC431FEC} - System32\Tasks\ttahnlby => C:\Users\Manni\AppData\Local\ttahnlby.bat [2014-07-07] ()
Task: {279301D3-A9FB-46A0-9214-C747CF76545D} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-10] (globalUpdate)
Task: {27CE954C-20F7-4E97-AC66-0AE5817FF5D7} - System32\Tasks\kfuync => C:\Users\Manni\AppData\Local\kfuync.bat [2014-07-07] ()
Task: {2C7B34C0-9642-4F1C-8B21-47A364A0CCEB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {2DC77031-4158-43E6-A0D8-9348F4AACC7A} - System32\Tasks\jgcebxt => C:\Users\Manni\AppData\Local\jgcebxt.bat
Task: {2E48DDAE-834D-414C-A0B4-6E966EB1878E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {34E8088A-C36B-429C-8DDD-7ADB2468760A} - System32\Tasks\bcidpkfz => C:\Users\Manni\AppData\Local\bcidpkfz.bat [2014-07-07] ()
Task: {37EDA866-EA3A-4CDF-80A3-6C18F6BD0313} - System32\Tasks\atviuwjb => C:\Users\Manni\AppData\Local\atviuwjb.bat [2014-07-07] ()
Task: {389AD2E4-023F-47CC-AD91-B636F7F141A3} - System32\Tasks\0 => Iexplore.exe 
Task: {395760AC-D090-4C72-84A0-F51FF9671608} - System32\Tasks\vvlltc => C:\Users\Manni\AppData\Local\vvlltc.bat [2014-07-07] ()
Task: {3EB9C719-B90B-478A-8CB5-14FA78FC1DA9} - System32\Tasks\hcuojdw => C:\Users\Manni\AppData\Local\hcuojdw.bat [2014-07-07] ()
Task: {45036BD0-3DA5-4574-8854-1F68E4F2598E} - System32\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5 => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.exe [2014-07-10] (Cinema Plus)
Task: {452C3DE2-2BA0-455B-A340-894553A2480B} - System32\Tasks\xildor => C:\Users\Manni\AppData\Local\xildor.bat
Task: {470255AC-3406-44C6-8B03-EF695BCB09EA} - System32\Tasks\vckzyho => C:\Users\Manni\AppData\Local\vckzyho.bat [2014-07-07] ()
Task: {482F6C06-2026-4877-9AF1-D954C02AE723} - System32\Tasks\hxjbtn => C:\Users\Manni\AppData\Local\hxjbtn.bat [2014-07-07] ()
Task: {53752472-D7A0-483E-A31A-204A8E322315} - System32\Tasks\yrdwpbam => C:\Users\Manni\AppData\Local\yrdwpbam.bat [2014-07-07] ()
Task: {568FC11B-13C4-49BB-BB4F-321161212AAA} - System32\Tasks\cxmbwla => C:\Users\Manni\AppData\Local\cxmbwla.bat [2014-07-07] ()
Task: {57637382-1B1F-45D2-A198-2540635520E6} - System32\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2 => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2.exe [2014-07-10] (Cinema Plus)
Task: {59FF3560-52B4-4010-9A5C-9EB85C868435} - System32\Tasks\pricemeterdownloader => C:\Users\Manni\AppData\Local\PriceMeter\pricemeterd.exe
Task: {5A63283D-215D-4428-8543-0BAD7DED2AE6} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5D83D403-C505-4611-800F-7988B37C0742} - System32\Tasks\thlxdj => C:\Users\Manni\AppData\Local\thlxdj.bat [2014-07-07] ()
Task: {5EEC57B0-4161-4A0B-83CD-0774565ED408} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {62354AA0-9626-4046-94DB-35143ED1C08A} - System32\Tasks\rwbfjosw => C:\Users\Manni\AppData\Local\rwbfjosw.bat [2014-07-07] ()
Task: {6596B45D-E47E-4C1B-A5E0-D241F21430B4} - System32\Tasks\4680 => Wscript.exe C:\Users\Manni\AppData\Local\Temp\launchie.vbs //B
Task: {68F6D1D5-5AF5-4D8D-833D-97D113BB174C} - System32\Tasks\cmymq => C:\Users\Manni\AppData\Local\cmymq.bat
Task: {70380FC0-647A-4D69-A5B9-152A28069808} - System32\Tasks\cncwr => C:\Users\Manni\AppData\Local\cncwr.bat [2014-07-07] ()
Task: {802A4CBD-8C34-409E-A27A-7BB66BCB8968} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-10] (globalUpdate)
Task: {86F52852-72F6-442B-B69F-2582D219A477} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {97BAAC2D-ABB2-4594-A3D0-641A86D3AF81} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A04C623C-5D83-4B46-B3A5-AFF3211AB742} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {A25851BB-A2DE-49F0-88D0-E2E6804C50B1} - System32\Tasks\zercimy => C:\Users\Manni\AppData\Local\zercimy.bat [2014-07-07] ()
Task: {A4858354-CF83-4B64-8334-AD10685C8292} - System32\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4 => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4.exe [2014-07-10] (Cinema Plus)
Task: {AAC68578-92E8-4703-A1C8-C20D6AF38F62} - System32\Tasks\euldbj => C:\Users\Manni\AppData\Local\euldbj.bat [2014-07-07] ()
Task: {B0440841-1685-43F0-BDFE-0EE014FCF809} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe <==== ATTENTION
Task: {B4753996-0693-45AB-B44E-629A03944B11} - System32\Tasks\ckcqenf => C:\Users\Manni\AppData\Local\ckcqenf.bat [2014-07-07] ()
Task: {B4F95A3E-4981-4D61-A7B3-AB7861AD9E9F} - System32\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-1 => C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-codedownloader.exe [2014-07-10] (Cinema Plus)
Task: {BB656CB5-DD11-4A97-979B-45104C51E9A3} - System32\Tasks\blerf => C:\Users\Manni\AppData\Local\blerf.bat
Task: {BDD59F76-4315-48B1-945F-B2E4CDE7F910} - System32\Tasks\jfcyuqn => C:\Users\Manni\AppData\Local\jfcyuqn.bat [2014-07-07] ()
Task: {C4BEB79C-0B57-4EB6-A170-AE20FCF84421} - System32\Tasks\dultkbj => C:\Users\Manni\AppData\Local\dultkbj.bat [2014-07-07] ()
Task: {C7E4A8C7-0A49-40DB-B0B0-76F7B7E14CC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {CBAF75D9-4A25-4041-A2F5-5FB4214D7480} - System32\Tasks\rdfqa => C:\Users\Manni\AppData\Local\rdfqa.bat
Task: {D6720897-3796-4410-B465-BDFD4C6B848A} - System32\Tasks\cnaob => C:\Users\Manni\AppData\Local\cnaob.bat [2014-07-07] ()
Task: {D9D9CEEA-736D-42F6-82B0-2317C9599064} - System32\Tasks\sxbadc => C:\Users\Manni\AppData\Local\sxbadc.bat [2014-07-07] ()
Task: {DB802726-D195-4A90-98D6-1DA8CA90B528} - System32\Tasks\ykvhrd => C:\Users\Manni\AppData\Local\ykvhrd.bat
Task: {DE7CAB67-59AD-4664-8A09-62E328D2C103} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E26D4FC0-020D-4882-A2CA-122EF3642D99} - System32\Tasks\tbhutb => C:\Users\Manni\AppData\Local\tbhutb.bat [2014-07-07] ()
Task: {E41A9173-3D19-4554-8AB5-BA876DFE5441} - System32\Tasks\numss => C:\Users\Manni\AppData\Local\numss.bat [2014-07-07] ()
Task: {E41F8BE0-222B-4402-8CD1-AB2C2C0C98FD} - System32\Tasks\cfaefde => C:\Users\Manni\AppData\Local\cfaefde.bat [2014-07-07] ()
Task: {E96E061B-0CC6-4D5C-A090-A798A94DF377} - System32\Tasks\kawlb => C:\Users\Manni\AppData\Local\kawlb.bat [2014-07-07] ()
Task: {EBC9B429-D6AE-4B26-A4D0-F579ABAD46A5} - System32\Tasks\psbwfitn => C:\Users\Manni\AppData\Local\psbwfitn.bat [2014-07-07] ()
Task: {EEECBA7C-C3ED-4744-84A9-B8BAF396CA8A} - System32\Tasks\eljqou => C:\Users\Manni\AppData\Local\eljqou.bat
Task: C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-1.job => C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-codedownloader.exe
Task: C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2.job => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2.exe
Task: C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4.job => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4.exe
Task: C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.job => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.exe
Task: C:\Windows\Tasks\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5_user.job => C:\Program Files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-01-23 12:23 - 2010-04-21 10:59 - 00058880 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_x64.dll
2009-11-14 19:25 - 2009-07-06 21:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-03-01 13:37 - 2008-12-02 14:21 - 00041984 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_ex.exe
2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-10-02 16:46 - 2009-10-02 16:46 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-03-18 02:25 - 2010-03-18 02:25 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2011-01-23 12:23 - 2010-04-21 11:00 - 00058368 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_Win32.dll
2011-03-01 13:37 - 2011-02-04 09:35 - 00815616 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2011-03-01 13:37 - 2010-09-30 10:14 - 00055296 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_03.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/22/2014 02:15:15 PM) (Source: MsiInstaller) (EventID: 1024) (User: Lappi-Manni)
Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/22/2014 01:36:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 21.8.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1398

Startzeit: 01cfbdfc72054406

Endzeit: 60

Anwendungspfad: C:\Users\Manni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0UBWI1AG\FRST64.exe

Berichts-ID: 7f004efe-29f0-11e4-ab33-c80aa93671f0

Error: (08/22/2014 08:33:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 724

Startzeit: 01cfbb66d70faea7

Endzeit: 0

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 32bfbbd7-29c6-11e4-b029-c80aa93671f0

Error: (08/18/2014 09:44:39 AM) (Source: globalUpdate Update) (EventID: 1) (User: NT-AUTORITÄT)
Description: globalUpdate Update has encountered a fatal error.
ver=1.3.25.0.private;lang=en;id=;is_machine=1;upload=0;minidump=C:\Program Files (x86)\globalUpdate\CrashReports\98bc82b4-87da-4853-9b79-5cb43f836e8c.dmp

Error: (08/16/2014 11:34:18 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm cmd.exe, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b3c

Startzeit: 01cfb9344f38d8a6

Endzeit: 312

Anwendungspfad: C:\Windows\SYSTEM32\cmd.exe

Berichts-ID: 75ce7901-2528-11e4-9698-c80aa93671f0

Error: (08/16/2014 11:29:46 AM) (Source: MsiInstaller) (EventID: 1024) (User: Lappi-Manni)
Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/15/2014 10:05:29 AM) (Source: MsiInstaller) (EventID: 1024) (User: Lappi-Manni)
Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/13/2014 04:25:59 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {16cbb024-e2c8-4a7a-87f8-21379c840df4}

Error: (08/10/2014 08:49:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17207, Zeitstempel: 0x53a20c50
Name des fehlerhaften Moduls: Cinema-Plus-1.2-bho.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x53bdbd1d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x02eda65c
ID des fehlerhaften Prozesses: 0xb14
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (08/07/2014 11:09:21 AM) (Source: globalUpdate Update) (EventID: 1) (User: NT-AUTORITÄT)
Description: globalUpdate Update has encountered a fatal error.
ver=1.3.25.0.private;lang=en;id=;is_machine=1;upload=0;minidump=C:\Program Files (x86)\globalUpdate\CrashReports\968cb9e4-9e11-41b8-aeca-d49e436a0676.dmp


System errors:
=============
Error: (08/22/2014 02:13:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BHDrvx64
SRTSP

Error: (08/22/2014 02:13:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update findopolis" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/22/2014 02:12:55 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (08/22/2014 02:12:38 PM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.

Error: (08/22/2014 01:20:04 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.

Error: (08/22/2014 01:19:56 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (08/22/2014 01:16:03 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (08/22/2014 00:41:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BHDrvx64
SRTSP

Error: (08/22/2014 00:41:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update findopolis" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/22/2014 00:41:35 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5.


Microsoft Office Sessions:
=========================
Error: (07/29/2014 10:26:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 116 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/29/2014 10:25:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 253 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/08/2014 00:06:50 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/29/2013 05:42:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14026 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/13/2012 00:34:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1107 seconds with 240 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-08-22 14:52:21.161
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 14:39:16.298
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 14:24:54.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 12:08:41.049
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-19 07:22:24.312
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 08:17:50.468
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-16 11:38:13.950
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-15 10:32:30.832
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-14 12:38:46.136
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:28:27.493
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II Dual-Core M320
Percentage of memory in use: 70%
Total physical RAM: 1788.2 MB
Available physical RAM: 525.07 MB
Total Pagefile: 3576.4 MB
Available Pagefile: 1601.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:219.13 GB) (Free:143.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.46 GB) (Free:2.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 041DF713)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=219.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

--- --- ---

M-K-D-B · 22.08.2014, 16:49

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Da gibt es viel zu tun... wir beginnen erst mal so:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

0815Horst · 23.08.2014, 10:39

Hallo Matthias,

hier ist Norton 360 online drauf. Habe es einfach nciht deaktiviert bekommen. Leider gab Google auch keine Hilfe.

Habe es durchlaufen lassen trotz Norton:

Code:

ATTFilter

ComboFix 14-08-21.01 - Manni 23.08.2014  11:07:31.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.1788.432 [GMT 2:00]
ausgeführt von:: c:\users\Manni\Desktop\ComboFix.exe
AV: Norton 360 Online *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
FW: Norton 360 Online *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton 360 Online *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Cinema-Plus-1.2
c:\program files (x86)\Cinema-Plus-1.2\1293297481.mxaddon
c:\program files (x86)\Cinema-Plus-1.2\360-60548.crx
c:\program files (x86)\Cinema-Plus-1.2\60548.crx
c:\program files (x86)\Cinema-Plus-1.2\60548.xpi
c:\program files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-2.exe
c:\program files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-4.exe
c:\program files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4-5.exe
c:\program files (x86)\Cinema-Plus-1.2\a4dbbd90-de4e-47e1-9c60-b1c01e6802e4.crx
c:\program files (x86)\Cinema-Plus-1.2\background.html
c:\program files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho.dll
c:\program files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho64.dll
c:\program files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-codedownloader.exe
c:\program files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2.ico
c:\program files (x86)\Cinema-Plus-1.2\Uninstall.exe
c:\programdata\374311380
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_globalUpdate
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-07-23 bis 2014-08-23  ))))))))))))))))))))))))))))))
.
.
2014-08-23 09:21 . 2014-08-23 09:21	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-08-23 09:01 . 2014-05-14 16:23	44512	----a-w-	c:\windows\system32\wups2.dll
2014-08-23 09:01 . 2014-05-14 16:23	58336	----a-w-	c:\windows\system32\wuauclt.exe
2014-08-23 09:01 . 2014-05-14 16:23	2477536	----a-w-	c:\windows\system32\wuaueng.dll
2014-08-23 09:01 . 2014-05-14 16:21	2620928	----a-w-	c:\windows\system32\wucltux.dll
2014-08-23 09:00 . 2014-05-14 07:23	198600	----a-w-	c:\windows\system32\wuwebv.dll
2014-08-23 09:00 . 2014-05-14 07:23	179656	----a-w-	c:\windows\SysWow64\wuwebv.dll
2014-08-23 09:00 . 2014-05-14 07:20	36864	----a-w-	c:\windows\system32\wuapp.exe
2014-08-23 09:00 . 2014-05-14 07:17	33792	----a-w-	c:\windows\SysWow64\wuapp.exe
2014-08-22 13:01 . 2014-03-09 21:48	171160	----a-w-	c:\windows\system32\infocardapi.dll
2014-08-22 13:01 . 2014-03-09 21:47	99480	----a-w-	c:\windows\SysWow64\infocardapi.dll
2014-08-22 13:01 . 2014-03-09 21:48	1389208	----a-w-	c:\windows\system32\icardagt.exe
2014-08-22 13:01 . 2014-03-09 21:47	619672	----a-w-	c:\windows\SysWow64\icardagt.exe
2014-08-22 13:01 . 2014-06-30 22:24	8856	----a-w-	c:\windows\system32\icardres.dll
2014-08-22 13:01 . 2014-06-30 22:14	8856	----a-w-	c:\windows\SysWow64\icardres.dll
2014-08-22 13:01 . 2014-06-06 06:16	35480	----a-w-	c:\windows\SysWow64\TsWpfWrp.exe
2014-08-22 13:01 . 2014-06-06 06:12	35480	----a-w-	c:\windows\system32\TsWpfWrp.exe
2014-08-22 11:53 . 2014-07-16 03:23	2048	----a-w-	c:\windows\system32\tzres.dll
2014-08-22 11:53 . 2014-07-16 02:46	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-08-22 11:53 . 2014-06-03 10:02	3241984	----a-w-	c:\windows\system32\msi.dll
2014-08-22 11:53 . 2014-06-03 10:02	1941504	----a-w-	c:\windows\system32\authui.dll
2014-08-22 11:53 . 2014-06-03 09:29	2363392	----a-w-	c:\windows\SysWow64\msi.dll
2014-08-22 11:53 . 2014-06-03 10:02	112064	----a-w-	c:\windows\system32\consent.exe
2014-08-22 11:53 . 2014-06-03 10:02	504320	----a-w-	c:\windows\system32\msihnd.dll
2014-08-22 11:53 . 2014-06-03 09:29	337408	----a-w-	c:\windows\SysWow64\msihnd.dll
2014-08-22 11:53 . 2014-06-03 09:29	1805824	----a-w-	c:\windows\SysWow64\authui.dll
2014-08-22 11:52 . 2014-06-16 02:10	985536	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2014-08-22 11:42 . 2014-07-14 02:02	1216000	----a-w-	c:\windows\system32\rpcrt4.dll
2014-08-22 11:42 . 2014-07-14 01:40	664064	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2014-08-22 11:39 . 2014-08-07 02:06	529920	----a-w-	c:\windows\system32\aepdu.dll
2014-08-22 11:39 . 2014-08-07 02:01	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-08-22 11:32 . 2014-08-22 11:32	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-08-22 11:30 . 2014-08-22 12:57	--------	d-----w-	C:\FRST
2014-07-24 11:12 . 2014-07-25 14:22	--------	d-----w-	c:\users\Manni\martin
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-22 13:08 . 2010-11-02 12:53	99218768	----a-w-	c:\windows\system32\MRT.exe
2014-07-11 01:02 . 2014-07-19 12:44	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-09 07:13 . 2012-05-31 16:05	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-09 07:13 . 2011-09-26 08:08	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-07 13:09 . 2014-07-07 13:09	267	----a-w-	c:\users\Manni\AppData\Local\psbwfitn.bat
2014-07-07 13:07 . 2014-07-07 13:07	267	----a-w-	c:\users\Manni\AppData\Local\vvlltc.bat
2014-07-07 13:05 . 2014-07-07 13:05	267	----a-w-	c:\users\Manni\AppData\Local\bcidpkfz.bat
2014-07-07 13:03 . 2014-07-07 13:03	267	----a-w-	c:\users\Manni\AppData\Local\ckcqenf.bat
2014-07-07 13:01 . 2014-07-07 13:01	267	----a-w-	c:\users\Manni\AppData\Local\euldbj.bat
2014-07-07 08:54 . 2014-07-07 08:54	267	----a-w-	c:\users\Manni\AppData\Local\koswc.bat
2014-07-07 08:52 . 2014-07-07 08:52	267	----a-w-	c:\users\Manni\AppData\Local\dultkbj.bat
2014-07-07 08:50 . 2014-07-07 08:50	267	----a-w-	c:\users\Manni\AppData\Local\thlxdj.bat
2014-07-07 08:48 . 2014-07-07 08:48	267	----a-w-	c:\users\Manni\AppData\Local\zercimy.bat
2014-07-07 08:43 . 2014-07-07 08:43	267	----a-w-	c:\users\Manni\AppData\Local\kfuync.bat
2014-07-07 08:41 . 2014-07-07 08:41	267	----a-w-	c:\users\Manni\AppData\Local\rwbfjosw.bat
2014-07-07 08:39 . 2014-07-07 08:39	267	----a-w-	c:\users\Manni\AppData\Local\kawlb.bat
2014-07-07 08:37 . 2014-07-07 08:37	267	----a-w-	c:\users\Manni\AppData\Local\vckzyho.bat
2014-07-07 08:35 . 2014-07-07 08:35	267	----a-w-	c:\users\Manni\AppData\Local\atviuwjb.bat
2014-07-07 08:33 . 2014-07-07 08:33	267	----a-w-	c:\users\Manni\AppData\Local\cocwrgcn.bat
2014-07-07 08:31 . 2014-07-07 08:31	267	----a-w-	c:\users\Manni\AppData\Local\yrdwpbam.bat
2014-07-07 08:29 . 2014-07-07 08:29	267	----a-w-	c:\users\Manni\AppData\Local\jfcyuqn.bat
2014-07-07 08:27 . 2014-07-07 08:27	267	----a-w-	c:\users\Manni\AppData\Local\cfaefde.bat
2014-07-07 08:25 . 2014-07-07 08:25	267	----a-w-	c:\users\Manni\AppData\Local\hcuojdw.bat
2014-07-07 08:23 . 2014-07-07 08:23	267	----a-w-	c:\users\Manni\AppData\Local\sxbadc.bat
2014-07-07 08:21 . 2014-07-07 08:21	267	----a-w-	c:\users\Manni\AppData\Local\numss.bat
2014-07-07 08:19 . 2014-07-07 08:19	267	----a-w-	c:\users\Manni\AppData\Local\cnaob.bat
2014-07-07 08:17 . 2014-07-07 08:17	267	----a-w-	c:\users\Manni\AppData\Local\cxmbwla.bat
2014-07-07 08:14 . 2014-07-07 08:14	267	----a-w-	c:\users\Manni\AppData\Local\ttahnlby.bat
2014-07-07 08:12 . 2014-07-07 08:12	267	----a-w-	c:\users\Manni\AppData\Local\cncwr.bat
2014-07-07 08:10 . 2014-07-07 08:10	267	----a-w-	c:\users\Manni\AppData\Local\tbhutb.bat
2014-07-07 08:08 . 2014-07-07 08:08	267	----a-w-	c:\users\Manni\AppData\Local\hxjbtn.bat
2014-07-04 07:42 . 2014-07-05 15:03	61112	----a-w-	c:\windows\system32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys
2014-06-18 02:18 . 2014-07-09 21:05	692736	----a-w-	c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-09 21:05	646144	----a-w-	c:\windows\SysWow64\osk.exe
2014-06-18 01:10 . 2014-07-09 21:05	3157504	----a-w-	c:\windows\system32\win32k.sys
2014-06-12 19:05 . 2014-06-12 19:05	46376	----a-w-	c:\windows\system32\drivers\netfilter64.sys
2014-06-06 10:10 . 2014-07-09 21:05	624128	----a-w-	c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-09 21:05	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-09 21:01	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-09 21:01	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-09 21:01	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-05-30 08:08 . 2014-07-09 21:05	210944	----a-w-	c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-09 21:05	86528	----a-w-	c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-09 21:05	340992	----a-w-	c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-09 21:05	314880	----a-w-	c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-09 21:05	307200	----a-w-	c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-09 21:05	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-09 21:05	22016	----a-w-	c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-09 21:05	172032	----a-w-	c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-09 21:05	65536	----a-w-	c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-09 21:05	247808	----a-w-	c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-09 21:05	220160	----a-w-	c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-09 21:05	259584	----a-w-	c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-09 21:05	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-09 21:05	17408	----a-w-	c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-09 21:05	497152	----a-w-	c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-05-08 10:52	513648	----a-w-	c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"T-Home Dialerschutz-Software"="c:\program files (x86)\T-Home\Dialerschutz-Software\Defender64.exe" [2010-03-29 1974408]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2013-12-29 1258504]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
c:\users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Hardcopy.LNK - c:\program files (x86)\Hardcopy\hardcopy.exe [2011-3-1 1727488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140718.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 Update findopolis;Update findopolis;c:\program files (x86)\findopolis\updatefindopolis.exe;c:\program files (x86)\findopolis\updatefindopolis.exe [x]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 DFSYS;T-Home Dialerschutz Hooking Treiber;c:\program files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS;c:\program files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TridVid;Video Grabber;c:\windows\system32\DRIVERS\TridVid6010.sys;c:\windows\SYSNATIVE\DRIVERS\TridVid6010.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1504000.00D\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1504000.00D\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SYMEFA64.SYS [x]
S1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64;{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64;c:\windows\system32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys;c:\windows\SYSNATIVE\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys [x]
S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140730.002\IDSvia64.sys;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140730.002\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1504000.00D\SYMNETS.SYS [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DFSVC;T-Home Dialerschutz Dienst;c:\program files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe;c:\program files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe;c:\programdata\IePluginServices\PluginService.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe;c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SipIMNDI;T-Home Dialerschutz VoIP Service;c:\windows\system32\DRIVERS\SipIMNDI64.sys;c:\windows\SYSNATIVE\DRIVERS\SipIMNDI64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24	451872	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-31 07:13]
.
2014-08-23 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-04 19:41]
.
2014-08-22 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-04 19:41]
.
2014-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15 16:33]
.
2014-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15 16:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-14 171520]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://rocket-find.com/?f=1&a=rckt_ir_14_27_ff&cd=2XzuyEtN2Y1L1Qzu0FtDyB0B0C0BtAyB0CtAyDtAyB0FyEyBtN0D0Tzu0SzytCyBtN1L2XzutBtFtBtCtFtCtCtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0CyBtBtA0EyBzztG0CyEyBtBtG0D0DyDyBtGyByD0E0CtGtCtDtCyEtDtC0ByC0C0D0F0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0FyBtDtDyE0EtCtGyE0DzzzztG0FyB0CtAtGtDyEzy0AtGtCyByEtA0BzztD0FtA0FyByD2Q&cr=464099971&ir=
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
mDefault_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
mStart Page = hxxp://start.qone8.com/?type=hp&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=DE&userid=6a204f59-994d-40ab-b68c-d9bdaffa677b&searchtype=ds&q={searchTerms}&installDate={installDate}
mSearchAssistant = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
mCustomizeSearch = hxxp://www.qone8.com/web/?type=ds&ts=1401462126&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX&q={searchTerms}
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\
FF - prefs.js: browser.search.selectedEngine - qone8
FF - prefs.js: browser.startup.homepage - hxxp://start.qone8.com/?type=hppp&ts=1404975844&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{11111111-1111-1111-1111-110611051148} - c:\program files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho.dll
BHO-{990af1c2-5a27-4460-8149-ecc6bc122af3} - (no file)
BHO-{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - c:\program files (x86)\PricePeep\pricepeep.dll
Wow6432Node-HKCU-Run-ISUSPM Startup - c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
Wow6432Node-HKCU-Run-PriceMeterW - c:\users\Manni\AppData\Local\PriceMeter\pricemeterw.exe
Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
Wow6432Node-HKLM-Run-fst_de_82 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{11111111-1111-1111-1111-110511951199} - c:\program files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Cinema-Plus-1.2 - c:\program files (x86)\Cinema-Plus-1.2\Uninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\21.4.0.13\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\21.4.0.13;c:\program files (x86)\Norton 360\Engine64\21.4.0.13"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-08-23  11:32:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-08-23 09:32
.
Vor Suchlauf: 15 Verzeichnis(se), 153.922.609.152 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 152.938.594.304 Bytes frei
.
- - End Of File - - 6021D38AED0227187B96FE6147BDD99C
4576B765DFBA06B1E3EDDD7B983B8768

M-K-D-B · 23.08.2014, 12:37

Servus,

ok, gut gemacht.

So geht es weiter:

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von JRT,
die Logdatei von MBAM,
die beiden neuen Logdateien von FRST.

0815Horst · 25.08.2014, 11:10

Hallo,
so dann will ich mal die ganzen log posten

Code:

ATTFilter

# AdwCleaner v3.308 - Bericht erstellt am 25/08/2014 um 09:32:55
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Manni - LAPPI-MANNI
# Gestartet von : C:\Users\Manni\Desktop\adwcleaner_3.308.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : globalUpdatem
Dienst Gelöscht : IePluginServices
[#] Dienst Gelöscht : Web Assistant Updater
Dienst Gelöscht : {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\WindowsProtectManger
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\Inbox Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Program Files\SupraSavings
Ordner Gelöscht : C:\Users\Manni\AppData\Local\cool_mirage
Ordner Gelöscht : C:\Users\Manni\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Manni\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Manni\AppData\Local\PriceMeter
Ordner Gelöscht : C:\Users\Manni\AppData\Local\WeatherAlerts
Ordner Gelöscht : C:\Users\Manni\AppData\Local\Genesis_07101933
Ordner Gelöscht : C:\Users\Manni\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Manni\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Manni\AppData\LocalLow\Inbox Toolbar
Ordner Gelöscht : C:\Users\Manni\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\Manni\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Manni\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Manni\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Manni\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\z0xngxin.default\Extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}
Ordner Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\igckfjdcbkimejmjmpmebffdjjjgncfn
Ordner Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Ordner Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
[!] Ordner Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\igckfjdcbkimejmjmpmebffdjjjgncfn
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\drivers\netfilter64.sys
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys
Datei Gelöscht : C:\Users\Manni\daemonprocess.txt
Datei Gelöscht : C:\Users\Manni\AppData\LocalLow\SkwConfig.bin
Datei Gelöscht : C:\Users\Manni\Desktop\Continue Zip Extractor Installation.lnk
Datei Gelöscht : C:\Users\Manni\Desktop\eBay.lnk
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\qone8.xml
Datei Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : globalUpdateUpdateTaskMachineCore
Task Gelöscht : globalUpdateUpdateTaskMachineUA
Task Gelöscht : Optimizer Pro Schedule
Task Gelöscht : pricemeterdownloader

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Manni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SOFTWARE\5e53d98fb36ae846
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0059599.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0059599.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0060548.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0060548.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0060548.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2724407
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611051148}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622052248}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655055548}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666056648}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611051148}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622052248}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655055548}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666056648}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\FreeSoftToday
Schlüssel Gelöscht : HKCU\Software\genesis
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Inbox Toolbar
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\SearchProtectINT
Schlüssel Gelöscht : HKCU\Software\SoftwareUpdater
Schlüssel Gelöscht : HKCU\Software\SweetIM
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\LyricsContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PricePeep
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\suprasavings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\video MediaPlay-Air
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\DealPlyLive
Schlüssel Gelöscht : HKLM\SOFTWARE\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\FrEeSoFtOdAy
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Inbox Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\PriceMeterLiveUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\qone8Software
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsProtectManger
Schlüssel Gelöscht : HKLM\SOFTWARE\SweetIM
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Updater By Sweetpacks
Schlüssel Gelöscht : HKLM\SOFTWARE\Web Assistant
Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\suprasavings
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Web Assistant
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "qone8");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "qone8");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://start.qone8.com/?type=hppp&ts=1404975844&from=ild&uid=HitachiXHTS725025A9A364_100223PCK200VJGUN9HJX");
Zeile gelöscht : user_pref("extensions.acaseyvelezaolcom61788.61788.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anthropologie.com%2[...]
Zeile gelöscht : user_pref("extensions.acaseyvelezaolcom61788.61788.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22urls%22[...]
Zeile gelöscht : user_pref("extensions.ad55cd0d79f24466095b3188599e8e4f86b2faf04e86f4bcfa878632814acf518com60548.60548.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.aff8065806db34c09ba06d6caf0e991728453cb257fef4ed58934b08be5605617com59599.59599.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1471b4108ab545aaa48fb3ba4aff9dd9");

-\\ Google Chrome v

[ Datei : C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [43912 octets] - [25/08/2014 09:28:57]
AdwCleaner[S0].txt - [39415 octets] - [25/08/2014 09:32:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [39476 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Manni on 25.08.2014 at 11:01:03,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-418493526-2778782540-3642645566-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-418493526-2778782540-3642645566-1000\Software\web assistant



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Manni\AppData\Roaming\mozilla\firefox\profiles\380272r2.default-1404892408515\prefs.js

user_pref("extensions.acaseyvelezaolcom61788.61788.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dea
user_pref("extensions.aff8065806db34c09ba06d6caf0e991728453cb257fef4ed58934b08be5605617com59599.59599.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
Emptied folder: C:\Users\Manni\AppData\Roaming\mozilla\firefox\profiles\380272r2.default-1404892408515\minidumps [12 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.08.2014 at 11:38:37,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.08.2014
Suchlauf-Zeit: 09:50:32
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Manni

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 269445
Verstrichene Zeit: 36 Min, 17 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 5
PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\CLASSES\Inbox.WS.com IE Toolbar, In Quarantäne, [89c04bb495e580b63511e88d5ea40ff1], 
PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Inbox.WS.com IE Toolbar, In Quarantäne, [a7a2f40b72086bcbec5ad0a58f730ff1], 
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, In Quarantäne, [2a1f748b49314aec02f0a50c21e23ec2], 
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511951199}, In Quarantäne, [4702f609dd9de74f33ce71c1d232b947], 
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511951199}, In Quarantäne, [4702f609dd9de74f33ce71c1d232b947], 

Registrierungswerte: 1
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, In Quarantäne, [2a1f748b49314aec02f0a50c21e23ec2]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 2
PUP.Optional.HDStreamer, C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb, In Quarantäne, [54f5ad52a1d982b44f25cdbce81a07f9], 
PUP.Optional.WhiteSmoke.A, C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj, In Quarantäne, [5dec08f784f69b9b3636ef9c8a7809f7], 

Dateien: 10
PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\google-chrome (1).exe, In Quarantäne, [d673ee110674c1755e276cdaef12946c], 
PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\google-chrome.exe, In Quarantäne, [f95035cabebcaf87dea7ba8c9a673fc1], 
PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\Setup (1).exe, In Quarantäne, [cb7ea857a3d79f97582d0e3856ab629e], 
PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\Setup (2).exe, In Quarantäne, [41083fc0d6a4da5cd8adde68748dbf41], 
PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\Setup (3).exe, In Quarantäne, [d07917e893e7b680cabb0e38010011ef], 
PUP.Optional.Solimba.mr, C:\Users\Manni\Downloads\Setup (4).exe, In Quarantäne, [c188c23d93e768ce731f8fc106fb7987], 
PUP.Optional.Solimba.mr, C:\Users\Manni\Downloads\setup (5).exe, In Quarantäne, [6adf7f804c2e092d8210f858ee1343bd], 
PUP.Optional.Solimba.mr, C:\Users\Manni\Downloads\setup (6).exe, In Quarantäne, [cb7eb7482a504aec454dcc84c93810f0], 
PUP.Adware.DomaIQ, C:\Users\Manni\Downloads\Setup.exe, In Quarantäne, [381157a85624c96d83024bfb1fe29769], 
PUP.Optional.JumpyApps.A, C:\Users\Manni\Downloads\zipextractorsetup.exe, In Quarantäne, [4dfc5aa54e2cae88f0fbf826f70db44c], 

Physische Sektoren: 0
(No malicious items detected)


(end)

0815Horst · 25.08.2014, 11:14

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2014
Ran by Manni (administrator) on LAPPI-MANNI on 25-08-2014 11:40:28
Running from C:\Users\Manni\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-11-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [T-Home Dialerschutz-Software] => C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe [1974408 2010-03-29] (T-Systems International GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-29] (Easybits)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {16ED00DE-DF19-4BC9-9E03-52C3121B7124} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {8E25DF21-98F1-47A6-A2A4-3C261D916603} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7AURU_deDE498
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {990af1c2-5a27-4460-8149-ecc6bc122af3} ->  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Cinema-Plus-1.2c - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\caseyvelez@aol.com [2014-08-23]
FF Extension: video MediaPlayer - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com [2014-07-11]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2014-08-01]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-07-13]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF [2014-04-01]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: 
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (YouTube) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Google-Suche) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Cinema-Plus-1.2) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikpbmdkdomofnnkcaoepabekgkedfhom [2014-07-10]
CHR Extension: (Norton Identity Protection) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-06-07]
CHR Extension: (Google Wallet) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Google Mail) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx [2011-12-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 DFSVC; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe [376832 2009-10-21] (T-Systems International GmbH) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]
S2 Update findopolis; "C:\Program Files (x86)\findopolis\updatefindopolis.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R3 DFSYS; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS [17952 2009-10-15] (T-Systems International GmbH)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-13] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-13] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140730.002\IDSvia64.sys [525016 2014-03-31] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\ENG64.SYS [126040 2014-07-18] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\EX64.SYS [2099288 2014-07-18] (Symantec Corporation)
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI64.sys [28192 2009-10-15] (T-Systems International GmbH)
S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-31] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 TridVid; C:\Windows\System32\DRIVERS\TridVid6010.sys [287488 2010-10-10] (10Moons Technologies Co.,Ltd)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 11:38 - 2014-08-25 11:38 - 00001747 _____ () C:\Users\Manni\Desktop\JRT.txt
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 10:58 - 2014-08-25 10:59 - 01016261 _____ (Thisisu) C:\Users\Manni\Desktop\JRT.exe
2014-08-25 10:49 - 2014-08-25 10:49 - 00003495 _____ () C:\Users\Manni\Desktop\mbam.txt
2014-08-25 09:49 - 2014-08-25 10:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 09:45 - 2014-08-25 09:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-25 09:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-25 09:45 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-25 09:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-25 09:42 - 2014-08-25 09:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manni\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-25 09:38 - 2014-08-25 09:38 - 00039901 _____ () C:\Users\Manni\Desktop\AdwCleaner[S0].txt
2014-08-25 09:28 - 2014-08-25 09:34 - 00000000 ____D () C:\AdwCleaner
2014-08-25 09:26 - 2014-08-25 09:27 - 01364531 _____ () C:\Users\Manni\Desktop\adwcleaner_3.308.exe
2014-08-23 11:32 - 2014-08-23 11:32 - 00029498 _____ () C:\ComboFix.txt
2014-08-23 11:01 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 11:01 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 11:01 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 11:01 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 11:01 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 11:00 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 11:00 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 11:00 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 11:00 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-22 18:30 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-22 18:30 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-22 18:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-22 18:22 - 2014-08-23 11:32 - 00000000 ____D () C:\Qoobox
2014-08-22 18:20 - 2014-08-23 11:29 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 18:15 - 2014-08-22 18:14 - 05572006 ____R (Swearware) C:\Users\Manni\Desktop\ComboFix.exe
2014-08-22 18:13 - 2014-08-22 18:14 - 05572006 _____ (Swearware) C:\Users\Manni\Downloads\ComboFix.exe
2014-08-22 15:01 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-22 15:01 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-22 15:01 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-22 15:01 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-22 15:01 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-22 15:01 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-22 15:01 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-22 15:01 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-22 14:56 - 2014-08-22 14:57 - 00049858 _____ () C:\Users\Manni\Desktop\Addition.txt
2014-08-22 14:52 - 2014-08-25 11:41 - 00022389 _____ () C:\Users\Manni\Desktop\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:48 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe
2014-08-22 13:53 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-22 13:53 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-22 13:53 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-22 13:53 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-22 13:53 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-22 13:52 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-22 13:45 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-22 13:45 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-22 13:45 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-22 13:45 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-22 13:45 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-22 13:45 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-22 13:45 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-22 13:45 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-22 13:45 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-22 13:45 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-22 13:45 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-22 13:45 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-22 13:45 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-22 13:45 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-22 13:44 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-22 13:44 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-22 13:44 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-22 13:44 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-22 13:44 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-22 13:44 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-22 13:44 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-22 13:44 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-22 13:44 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-22 13:44 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-22 13:44 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-22 13:44 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-22 13:44 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-22 13:44 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-22 13:44 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-22 13:44 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-22 13:44 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-22 13:44 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-22 13:44 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-22 13:44 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-22 13:44 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-22 13:44 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-22 13:44 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-22 13:44 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-22 13:44 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-22 13:44 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-22 13:44 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-22 13:44 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-22 13:44 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-22 13:44 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-22 13:44 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-22 13:44 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-22 13:44 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-22 13:44 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-22 13:44 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-22 13:44 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-22 13:44 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-22 13:44 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-22 13:44 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-22 13:44 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-22 13:44 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-22 13:44 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-22 13:44 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-22 13:44 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-22 13:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-22 13:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-22 13:39 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-22 13:39 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk
2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 13:30 - 2014-08-25 11:40 - 00000000 ____D () C:\FRST
2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3)
2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist
2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp
2014-07-31 10:04 - 2014-07-31 10:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 11:41 - 2014-08-22 14:52 - 00022389 _____ () C:\Users\Manni\Desktop\FRST.txt
2014-08-25 11:40 - 2014-08-22 13:30 - 00000000 ____D () C:\FRST
2014-08-25 11:38 - 2014-08-25 11:38 - 00001747 _____ () C:\Users\Manni\Desktop\JRT.txt
2014-08-25 11:11 - 2009-07-14 06:51 - 01006643 _____ () C:\Windows\setupact.log
2014-08-25 11:08 - 2011-11-08 14:11 - 00000000 ____D () C:\Users\Manni\AppData\Local\CrashDumps
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 10:59 - 2014-08-25 10:58 - 01016261 _____ (Thisisu) C:\Users\Manni\Desktop\JRT.exe
2014-08-25 10:56 - 2010-03-18 02:27 - 01838767 _____ () C:\Windows\WindowsUpdate.log
2014-08-25 10:53 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-25 10:53 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-25 10:49 - 2014-08-25 10:49 - 00003495 _____ () C:\Users\Manni\Desktop\mbam.txt
2014-08-25 10:46 - 2014-08-25 09:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 10:45 - 2014-06-11 19:11 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-25 10:45 - 2011-02-15 18:33 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-25 10:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-25 10:44 - 2011-02-15 18:33 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-25 10:44 - 2010-03-18 02:29 - 02149172 _____ () C:\Windows\PFRO.log
2014-08-25 10:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2014-08-25 10:43 - 2012-05-31 18:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-25 09:45 - 2014-08-25 09:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-25 09:43 - 2014-08-25 09:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manni\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-25 09:38 - 2014-08-25 09:38 - 00039901 _____ () C:\Users\Manni\Desktop\AdwCleaner[S0].txt
2014-08-25 09:34 - 2014-08-25 09:28 - 00000000 ____D () C:\AdwCleaner
2014-08-25 09:34 - 2013-11-29 19:43 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-25 09:34 - 2010-11-02 13:55 - 00000995 _____ () C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-25 09:34 - 2010-11-02 13:50 - 00000000 ____D () C:\Users\Manni
2014-08-25 09:27 - 2014-08-25 09:26 - 01364531 _____ () C:\Users\Manni\Desktop\adwcleaner_3.308.exe
2014-08-25 09:27 - 2011-06-14 09:07 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A8B97CD3-7C97-48E7-8FFF-7B2BF938225D}
2014-08-23 11:32 - 2014-08-23 11:32 - 00029498 _____ () C:\ComboFix.txt
2014-08-23 11:32 - 2014-08-22 18:22 - 00000000 ____D () C:\Qoobox
2014-08-23 11:32 - 2014-04-23 08:56 - 00000000 ____D () C:\Users\dub_cm_auto
2014-08-23 11:29 - 2014-08-22 18:20 - 00000000 ____D () C:\Windows\erdnt
2014-08-23 11:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-23 11:23 - 2009-07-14 04:34 - 91750400 _____ () C:\Windows\system32\config\software.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 17301504 _____ () C:\Windows\system32\config\system.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-08-22 18:14 - 2014-08-22 18:15 - 05572006 ____R (Swearware) C:\Users\Manni\Desktop\ComboFix.exe
2014-08-22 18:14 - 2014-08-22 18:13 - 05572006 _____ (Swearware) C:\Users\Manni\Downloads\ComboFix.exe
2014-08-22 15:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-22 15:22 - 2009-11-14 18:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-22 15:13 - 2013-08-14 18:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-22 15:08 - 2010-11-02 14:53 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-22 15:00 - 2014-05-06 22:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-22 14:57 - 2014-08-22 14:56 - 00049858 _____ () C:\Users\Manni\Desktop\Addition.txt
2014-08-22 14:48 - 2014-08-22 14:45 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe
2014-08-22 13:56 - 2011-11-01 15:32 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-22 13:56 - 2010-12-08 16:29 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk
2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 12:39 - 2014-07-14 16:05 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-08-22 12:39 - 2014-03-31 17:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-08-22 12:39 - 2014-01-21 13:02 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-22 12:39 - 2011-06-08 14:39 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-08-22 12:39 - 2010-03-18 02:43 - 00000000 ____D () C:\ProgramData\Norton
2014-08-22 12:39 - 2009-11-15 02:15 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-22 12:38 - 2014-07-08 20:15 - 00000000 ____D () C:\Program Files (x86)\F978377C-B7D4-4536-8E10-14CA97B13394
2014-08-22 12:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-22 12:31 - 2013-07-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-18 15:47 - 2012-06-17 14:17 - 00000000 ____D () C:\Users\Manni\Sigrid_Rezepte
2014-08-15 15:32 - 2010-11-03 15:21 - 00000000 ____D () C:\Users\Manni\Kegeln
2014-08-10 08:46 - 2013-10-21 17:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3)
2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist
2014-08-07 04:06 - 2014-08-22 13:39 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-22 13:39 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 19:09 - 2010-11-13 15:30 - 00000000 ____D () C:\Users\Manni\FZ
2014-08-05 11:30 - 2014-05-30 17:01 - 00000000 ____D () C:\temp
2014-08-01 12:39 - 2013-11-29 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 01:41 - 2014-08-22 13:44 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-22 13:44 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp
2014-07-31 17:36 - 2011-06-16 16:24 - 00000000 ____D () C:\Windows\Minidump
2014-07-31 17:36 - 2011-06-16 16:23 - 315134067 _____ () C:\Windows\MEMORY.DMP
2014-07-31 16:44 - 2013-12-29 09:58 - 00000000 ____D () C:\ProgramData\Easybits Magic Desktop for HP
2014-07-31 10:06 - 2014-07-31 10:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 09:52 - 2014-07-23 10:52 - 00000000 ____D () C:\Users\Manni\Desktop\Arbeitssicherheit

Some content of TEMP:
====================
C:\Users\Manni\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-02-25 16:11

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2014
Ran by Manni at 2014-08-25 11:42:18
Running from C:\Users\Manni\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Online (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
1400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
1400_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD USB Filter Driver (HKLM-x32\...\{5271C0D4-24E4-4C3D-A782-C012033FD3CF}) (Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0804.2223.38385 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help English (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help French (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help German (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0804.2223.38385 - ATI) Hidden
Cinema-Plus-1.2 (HKLM-x32\...\Cinema-Plus-1.2) (Version: 1.34.7.1 - Cinema Plus)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2111 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3325 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 4.1.3325 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1005 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.1.1005 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2130 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2130 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2201 - CyberLink Corp.) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.2 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.7.0 - )
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardcopy (C:\Program Files (x86)\Hardcopy) (HKLM-x32\...\Hardcopy(C__Program Files (x86)_Hardcopy)) (Version: 2011.02.12 - www.hardcopy.de)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Java(TM) 6 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416015FF}) (Version: 6.0.150 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2111 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}) (Version: 7.0.43.11502 - muvee Technologies Pte Ltd)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2202 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
T-Home Dialerschutz-Software (HKLM-x32\...\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}) (Version:  - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

10-08-2014 06:42:14 Installed Java 7 Update 67
10-08-2014 10:13:07 Removed Java(TM) SE Development Kit 6 Update 15 (64-bit)
14-08-2014 20:31:17 Windows Update
22-08-2014 10:06:54 Wiederherstellungsvorgang
22-08-2014 11:42:31 Revo Uninstaller's restore point - Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:44:55 Removed Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:55:33 Revo Uninstaller's restore point - Search Protect
22-08-2014 11:59:40 Revo Uninstaller's restore point - video MediaPlay-Air
22-08-2014 12:26:18 Revo Uninstaller's restore point - GMX Desktop Icons
22-08-2014 12:39:18 Revo Uninstaller's restore point - GMX MailCheck für Internet Explorer
22-08-2014 12:41:38 Revo Uninstaller's restore point - GMX Softwareaktualisierung
22-08-2014 12:59:57 Windows Update
23-08-2014 09:00:01 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-23 11:25 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00A2143C-288B-4611-88E8-4AEFCC12549C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {0315E158-5D1B-4C24-B7BD-CB737D944E07} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {0E27F6A1-8900-45BF-B630-C819492F06C2} - System32\Tasks\cocwrgcn => C:\Users\Manni\AppData\Local\cocwrgcn.bat [2014-07-07] ()
Task: {12A909A7-A915-4690-93E4-8C739E117D95} - System32\Tasks\wfodnof => C:\Users\Manni\AppData\Local\wfodnof.bat
Task: {13C0A6FB-F1D8-45E9-BE95-CB694C9EF0C8} - System32\Tasks\koswc => C:\Users\Manni\AppData\Local\koswc.bat [2014-07-07] ()
Task: {1E334E91-4473-4C00-95BF-1523CC431FEC} - System32\Tasks\ttahnlby => C:\Users\Manni\AppData\Local\ttahnlby.bat [2014-07-07] ()
Task: {27CE954C-20F7-4E97-AC66-0AE5817FF5D7} - System32\Tasks\kfuync => C:\Users\Manni\AppData\Local\kfuync.bat [2014-07-07] ()
Task: {2C7B34C0-9642-4F1C-8B21-47A364A0CCEB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {2DC77031-4158-43E6-A0D8-9348F4AACC7A} - System32\Tasks\jgcebxt => C:\Users\Manni\AppData\Local\jgcebxt.bat
Task: {2E48DDAE-834D-414C-A0B4-6E966EB1878E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {34E8088A-C36B-429C-8DDD-7ADB2468760A} - System32\Tasks\bcidpkfz => C:\Users\Manni\AppData\Local\bcidpkfz.bat [2014-07-07] ()
Task: {37EDA866-EA3A-4CDF-80A3-6C18F6BD0313} - System32\Tasks\atviuwjb => C:\Users\Manni\AppData\Local\atviuwjb.bat [2014-07-07] ()
Task: {389AD2E4-023F-47CC-AD91-B636F7F141A3} - System32\Tasks\0 => Iexplore.exe 
Task: {395760AC-D090-4C72-84A0-F51FF9671608} - System32\Tasks\vvlltc => C:\Users\Manni\AppData\Local\vvlltc.bat [2014-07-07] ()
Task: {3EB9C719-B90B-478A-8CB5-14FA78FC1DA9} - System32\Tasks\hcuojdw => C:\Users\Manni\AppData\Local\hcuojdw.bat [2014-07-07] ()
Task: {452C3DE2-2BA0-455B-A340-894553A2480B} - System32\Tasks\xildor => C:\Users\Manni\AppData\Local\xildor.bat
Task: {470255AC-3406-44C6-8B03-EF695BCB09EA} - System32\Tasks\vckzyho => C:\Users\Manni\AppData\Local\vckzyho.bat [2014-07-07] ()
Task: {482F6C06-2026-4877-9AF1-D954C02AE723} - System32\Tasks\hxjbtn => C:\Users\Manni\AppData\Local\hxjbtn.bat [2014-07-07] ()
Task: {53752472-D7A0-483E-A31A-204A8E322315} - System32\Tasks\yrdwpbam => C:\Users\Manni\AppData\Local\yrdwpbam.bat [2014-07-07] ()
Task: {568FC11B-13C4-49BB-BB4F-321161212AAA} - System32\Tasks\cxmbwla => C:\Users\Manni\AppData\Local\cxmbwla.bat [2014-07-07] ()
Task: {5A63283D-215D-4428-8543-0BAD7DED2AE6} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5D83D403-C505-4611-800F-7988B37C0742} - System32\Tasks\thlxdj => C:\Users\Manni\AppData\Local\thlxdj.bat [2014-07-07] ()
Task: {5EEC57B0-4161-4A0B-83CD-0774565ED408} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {62354AA0-9626-4046-94DB-35143ED1C08A} - System32\Tasks\rwbfjosw => C:\Users\Manni\AppData\Local\rwbfjosw.bat [2014-07-07] ()
Task: {6596B45D-E47E-4C1B-A5E0-D241F21430B4} - System32\Tasks\4680 => Wscript.exe C:\Users\Manni\AppData\Local\Temp\launchie.vbs //B
Task: {68F6D1D5-5AF5-4D8D-833D-97D113BB174C} - System32\Tasks\cmymq => C:\Users\Manni\AppData\Local\cmymq.bat
Task: {70380FC0-647A-4D69-A5B9-152A28069808} - System32\Tasks\cncwr => C:\Users\Manni\AppData\Local\cncwr.bat [2014-07-07] ()
Task: {86F52852-72F6-442B-B69F-2582D219A477} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {97BAAC2D-ABB2-4594-A3D0-641A86D3AF81} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A04C623C-5D83-4B46-B3A5-AFF3211AB742} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {A25851BB-A2DE-49F0-88D0-E2E6804C50B1} - System32\Tasks\zercimy => C:\Users\Manni\AppData\Local\zercimy.bat [2014-07-07] ()
Task: {AAC68578-92E8-4703-A1C8-C20D6AF38F62} - System32\Tasks\euldbj => C:\Users\Manni\AppData\Local\euldbj.bat [2014-07-07] ()
Task: {B4753996-0693-45AB-B44E-629A03944B11} - System32\Tasks\ckcqenf => C:\Users\Manni\AppData\Local\ckcqenf.bat [2014-07-07] ()
Task: {BB656CB5-DD11-4A97-979B-45104C51E9A3} - System32\Tasks\blerf => C:\Users\Manni\AppData\Local\blerf.bat
Task: {BDD59F76-4315-48B1-945F-B2E4CDE7F910} - System32\Tasks\jfcyuqn => C:\Users\Manni\AppData\Local\jfcyuqn.bat [2014-07-07] ()
Task: {C4BEB79C-0B57-4EB6-A170-AE20FCF84421} - System32\Tasks\dultkbj => C:\Users\Manni\AppData\Local\dultkbj.bat [2014-07-07] ()
Task: {C7E4A8C7-0A49-40DB-B0B0-76F7B7E14CC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {CBAF75D9-4A25-4041-A2F5-5FB4214D7480} - System32\Tasks\rdfqa => C:\Users\Manni\AppData\Local\rdfqa.bat
Task: {D6720897-3796-4410-B465-BDFD4C6B848A} - System32\Tasks\cnaob => C:\Users\Manni\AppData\Local\cnaob.bat [2014-07-07] ()
Task: {D9D9CEEA-736D-42F6-82B0-2317C9599064} - System32\Tasks\sxbadc => C:\Users\Manni\AppData\Local\sxbadc.bat [2014-07-07] ()
Task: {DB802726-D195-4A90-98D6-1DA8CA90B528} - System32\Tasks\ykvhrd => C:\Users\Manni\AppData\Local\ykvhrd.bat
Task: {DE7CAB67-59AD-4664-8A09-62E328D2C103} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E26D4FC0-020D-4882-A2CA-122EF3642D99} - System32\Tasks\tbhutb => C:\Users\Manni\AppData\Local\tbhutb.bat [2014-07-07] ()
Task: {E41A9173-3D19-4554-8AB5-BA876DFE5441} - System32\Tasks\numss => C:\Users\Manni\AppData\Local\numss.bat [2014-07-07] ()
Task: {E41F8BE0-222B-4402-8CD1-AB2C2C0C98FD} - System32\Tasks\cfaefde => C:\Users\Manni\AppData\Local\cfaefde.bat [2014-07-07] ()
Task: {E96E061B-0CC6-4D5C-A090-A798A94DF377} - System32\Tasks\kawlb => C:\Users\Manni\AppData\Local\kawlb.bat [2014-07-07] ()
Task: {EBC9B429-D6AE-4B26-A4D0-F579ABAD46A5} - System32\Tasks\psbwfitn => C:\Users\Manni\AppData\Local\psbwfitn.bat [2014-07-07] ()
Task: {EEECBA7C-C3ED-4744-84A9-B8BAF396CA8A} - System32\Tasks\eljqou => C:\Users\Manni\AppData\Local\eljqou.bat
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-11-14 19:25 - 2009-07-06 21:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-01-23 12:23 - 2010-04-21 10:59 - 00058880 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_x64.dll
2011-03-01 13:37 - 2008-12-02 14:21 - 00041984 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_ex.exe
2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-10-02 16:46 - 2009-10-02 16:46 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-03-18 02:25 - 2010-03-18 02:25 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2011-01-23 12:23 - 2010-04-21 11:00 - 00058368 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_Win32.dll
2011-03-01 13:37 - 2011-02-04 09:35 - 00815616 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2011-03-01 13:37 - 2010-09-30 10:14 - 00055296 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_03.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (07/29/2014 10:26:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 116 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/29/2014 10:25:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 253 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/08/2014 00:06:50 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/29/2013 05:42:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14026 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/13/2012 00:34:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1107 seconds with 240 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-08-23 11:20:55.401
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-23 11:20:54.652
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-22 14:52:21.161
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 14:39:16.298
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 14:24:54.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 12:08:41.049
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-19 07:22:24.312
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 08:17:50.468
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-16 11:38:13.950
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-15 10:32:30.832
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II Dual-Core M320
Percentage of memory in use: 49%
Total physical RAM: 1788.2 MB
Available physical RAM: 898.02 MB
Total Pagefile: 3576.4 MB
Available Pagefile: 1854.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:219.13 GB) (Free:142.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.46 GB) (Free:2.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 041DF713)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=219.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

ich hoffe damit kann man was anfangen.

M-K-D-B · 25.08.2014, 11:28

Servus,

ja, damit kann ich was anfangen.

Jetzt machen wir zuerst einen Fix und dann kontrollieren wir nochmal gründlich.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
URLSearchHook: HKLM-x32 - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - No File
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO-x32: No Name -> {990af1c2-5a27-4460-8149-ecc6bc122af3} ->  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF Extension: Cinema-Plus-1.2c - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\caseyvelez@aol.com [2014-08-23]
FF Extension: video MediaPlayer - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com [2014-07-11]
CHR Extension: (Cinema-Plus-1.2) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikpbmdkdomofnnkcaoepabekgkedfhom [2014-07-10]
S2 Update findopolis; "C:\Program Files (x86)\findopolis\updatefindopolis.exe" [X]
C:\Program Files (x86)\findopolis
Task: {0E27F6A1-8900-45BF-B630-C819492F06C2} - System32\Tasks\cocwrgcn => C:\Users\Manni\AppData\Local\cocwrgcn.bat [2014-07-07] ()
Task: {12A909A7-A915-4690-93E4-8C739E117D95} - System32\Tasks\wfodnof => C:\Users\Manni\AppData\Local\wfodnof.bat
Task: {13C0A6FB-F1D8-45E9-BE95-CB694C9EF0C8} - System32\Tasks\koswc => C:\Users\Manni\AppData\Local\koswc.bat [2014-07-07] ()
Task: {1E334E91-4473-4C00-95BF-1523CC431FEC} - System32\Tasks\ttahnlby => C:\Users\Manni\AppData\Local\ttahnlby.bat [2014-07-07] ()
Task: {27CE954C-20F7-4E97-AC66-0AE5817FF5D7} - System32\Tasks\kfuync => C:\Users\Manni\AppData\Local\kfuync.bat [2014-07-07] ()
Task: {2DC77031-4158-43E6-A0D8-9348F4AACC7A} - System32\Tasks\jgcebxt => C:\Users\Manni\AppData\Local\jgcebxt.bat
Task: {34E8088A-C36B-429C-8DDD-7ADB2468760A} - System32\Tasks\bcidpkfz => C:\Users\Manni\AppData\Local\bcidpkfz.bat [2014-07-07] ()
Task: {37EDA866-EA3A-4CDF-80A3-6C18F6BD0313} - System32\Tasks\atviuwjb => C:\Users\Manni\AppData\Local\atviuwjb.bat [2014-07-07] ()
Task: {389AD2E4-023F-47CC-AD91-B636F7F141A3} - System32\Tasks\0 => Iexplore.exe 
Task: {395760AC-D090-4C72-84A0-F51FF9671608} - System32\Tasks\vvlltc => C:\Users\Manni\AppData\Local\vvlltc.bat [2014-07-07] ()
Task: {3EB9C719-B90B-478A-8CB5-14FA78FC1DA9} - System32\Tasks\hcuojdw => C:\Users\Manni\AppData\Local\hcuojdw.bat [2014-07-07] ()
Task: {452C3DE2-2BA0-455B-A340-894553A2480B} - System32\Tasks\xildor => C:\Users\Manni\AppData\Local\xildor.bat
Task: {470255AC-3406-44C6-8B03-EF695BCB09EA} - System32\Tasks\vckzyho => C:\Users\Manni\AppData\Local\vckzyho.bat [2014-07-07] ()
Task: {482F6C06-2026-4877-9AF1-D954C02AE723} - System32\Tasks\hxjbtn => C:\Users\Manni\AppData\Local\hxjbtn.bat [2014-07-07] ()
Task: {53752472-D7A0-483E-A31A-204A8E322315} - System32\Tasks\yrdwpbam => C:\Users\Manni\AppData\Local\yrdwpbam.bat [2014-07-07] ()
Task: {568FC11B-13C4-49BB-BB4F-321161212AAA} - System32\Tasks\cxmbwla => C:\Users\Manni\AppData\Local\cxmbwla.bat [2014-07-07] ()
Task: {5D83D403-C505-4611-800F-7988B37C0742} - System32\Tasks\thlxdj => C:\Users\Manni\AppData\Local\thlxdj.bat [2014-07-07] ()
Task: {62354AA0-9626-4046-94DB-35143ED1C08A} - System32\Tasks\rwbfjosw => C:\Users\Manni\AppData\Local\rwbfjosw.bat [2014-07-07] ()
Task: {6596B45D-E47E-4C1B-A5E0-D241F21430B4} - System32\Tasks\4680 => Wscript.exe C:\Users\Manni\AppData\Local\Temp\launchie.vbs //B
Task: {68F6D1D5-5AF5-4D8D-833D-97D113BB174C} - System32\Tasks\cmymq => C:\Users\Manni\AppData\Local\cmymq.bat
Task: {70380FC0-647A-4D69-A5B9-152A28069808} - System32\Tasks\cncwr => C:\Users\Manni\AppData\Local\cncwr.bat [2014-07-07] ()
Task: {A25851BB-A2DE-49F0-88D0-E2E6804C50B1} - System32\Tasks\zercimy => C:\Users\Manni\AppData\Local\zercimy.bat [2014-07-07] ()
Task: {AAC68578-92E8-4703-A1C8-C20D6AF38F62} - System32\Tasks\euldbj => C:\Users\Manni\AppData\Local\euldbj.bat [2014-07-07] ()
Task: {B4753996-0693-45AB-B44E-629A03944B11} - System32\Tasks\ckcqenf => C:\Users\Manni\AppData\Local\ckcqenf.bat [2014-07-07] ()
Task: {BB656CB5-DD11-4A97-979B-45104C51E9A3} - System32\Tasks\blerf => C:\Users\Manni\AppData\Local\blerf.bat
Task: {BDD59F76-4315-48B1-945F-B2E4CDE7F910} - System32\Tasks\jfcyuqn => C:\Users\Manni\AppData\Local\jfcyuqn.bat [2014-07-07] ()
Task: {C4BEB79C-0B57-4EB6-A170-AE20FCF84421} - System32\Tasks\dultkbj => C:\Users\Manni\AppData\Local\dultkbj.bat [2014-07-07] ()
Task: {CBAF75D9-4A25-4041-A2F5-5FB4214D7480} - System32\Tasks\rdfqa => C:\Users\Manni\AppData\Local\rdfqa.bat
Task: {D6720897-3796-4410-B465-BDFD4C6B848A} - System32\Tasks\cnaob => C:\Users\Manni\AppData\Local\cnaob.bat [2014-07-07] ()
Task: {D9D9CEEA-736D-42F6-82B0-2317C9599064} - System32\Tasks\sxbadc => C:\Users\Manni\AppData\Local\sxbadc.bat [2014-07-07] ()
Task: {DB802726-D195-4A90-98D6-1DA8CA90B528} - System32\Tasks\ykvhrd => C:\Users\Manni\AppData\Local\ykvhrd.bat
Task: {E26D4FC0-020D-4882-A2CA-122EF3642D99} - System32\Tasks\tbhutb => C:\Users\Manni\AppData\Local\tbhutb.bat [2014-07-07] ()
Task: {E41A9173-3D19-4554-8AB5-BA876DFE5441} - System32\Tasks\numss => C:\Users\Manni\AppData\Local\numss.bat [2014-07-07] ()
Task: {E41F8BE0-222B-4402-8CD1-AB2C2C0C98FD} - System32\Tasks\cfaefde => C:\Users\Manni\AppData\Local\cfaefde.bat [2014-07-07] ()
Task: {E96E061B-0CC6-4D5C-A090-A798A94DF377} - System32\Tasks\kawlb => C:\Users\Manni\AppData\Local\kawlb.bat [2014-07-07] ()
Task: {EBC9B429-D6AE-4B26-A4D0-F579ABAD46A5} - System32\Tasks\psbwfitn => C:\Users\Manni\AppData\Local\psbwfitn.bat [2014-07-07] ()
Task: {EEECBA7C-C3ED-4744-84A9-B8BAF396CA8A} - System32\Tasks\eljqou => C:\Users\Manni\AppData\Local\eljqou.bat
C:\Users\Manni\AppData\Local\*.bat
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
Code:
ATTFilter
```
:regfind
Inbox
predm
SupTab
WeatherAlerts
Activeris
WhiteSmoke
findopolis
         
```
Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Schritt 3

Starte die FRST.exe erneut. Setze einen Haken vor Addition und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von SystemLook,
die beiden neuen Logdateien von FRST.

0815Horst · 25.08.2014, 12:58

Hallo,

nach dem Schritt 1 hat der PC nen Neustart gemacht und die Meldungen kamen nicht mehr. Aber hier die Logs:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-08-2014
Ran by Manni at 2014-08-25 13:32:40 Run:1
Running from C:\Users\Manni\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
URLSearchHook: HKLM-x32 - (No Name) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - No File
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO-x32: No Name -> {990af1c2-5a27-4460-8149-ecc6bc122af3} ->  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF Extension: Cinema-Plus-1.2c - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\caseyvelez@aol.com [2014-08-23]
FF Extension: video MediaPlayer - C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com [2014-07-11]
CHR Extension: (Cinema-Plus-1.2) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikpbmdkdomofnnkcaoepabekgkedfhom [2014-07-10]
S2 Update findopolis; "C:\Program Files (x86)\findopolis\updatefindopolis.exe" [X]
C:\Program Files (x86)\findopolis
Task: {0E27F6A1-8900-45BF-B630-C819492F06C2} - System32\Tasks\cocwrgcn => C:\Users\Manni\AppData\Local\cocwrgcn.bat [2014-07-07] ()
Task: {12A909A7-A915-4690-93E4-8C739E117D95} - System32\Tasks\wfodnof => C:\Users\Manni\AppData\Local\wfodnof.bat
Task: {13C0A6FB-F1D8-45E9-BE95-CB694C9EF0C8} - System32\Tasks\koswc => C:\Users\Manni\AppData\Local\koswc.bat [2014-07-07] ()
Task: {1E334E91-4473-4C00-95BF-1523CC431FEC} - System32\Tasks\ttahnlby => C:\Users\Manni\AppData\Local\ttahnlby.bat [2014-07-07] ()
Task: {27CE954C-20F7-4E97-AC66-0AE5817FF5D7} - System32\Tasks\kfuync => C:\Users\Manni\AppData\Local\kfuync.bat [2014-07-07] ()
Task: {2DC77031-4158-43E6-A0D8-9348F4AACC7A} - System32\Tasks\jgcebxt => C:\Users\Manni\AppData\Local\jgcebxt.bat
Task: {34E8088A-C36B-429C-8DDD-7ADB2468760A} - System32\Tasks\bcidpkfz => C:\Users\Manni\AppData\Local\bcidpkfz.bat [2014-07-07] ()
Task: {37EDA866-EA3A-4CDF-80A3-6C18F6BD0313} - System32\Tasks\atviuwjb => C:\Users\Manni\AppData\Local\atviuwjb.bat [2014-07-07] ()
Task: {389AD2E4-023F-47CC-AD91-B636F7F141A3} - System32\Tasks\0 => Iexplore.exe 
Task: {395760AC-D090-4C72-84A0-F51FF9671608} - System32\Tasks\vvlltc => C:\Users\Manni\AppData\Local\vvlltc.bat [2014-07-07] ()
Task: {3EB9C719-B90B-478A-8CB5-14FA78FC1DA9} - System32\Tasks\hcuojdw => C:\Users\Manni\AppData\Local\hcuojdw.bat [2014-07-07] ()
Task: {452C3DE2-2BA0-455B-A340-894553A2480B} - System32\Tasks\xildor => C:\Users\Manni\AppData\Local\xildor.bat
Task: {470255AC-3406-44C6-8B03-EF695BCB09EA} - System32\Tasks\vckzyho => C:\Users\Manni\AppData\Local\vckzyho.bat [2014-07-07] ()
Task: {482F6C06-2026-4877-9AF1-D954C02AE723} - System32\Tasks\hxjbtn => C:\Users\Manni\AppData\Local\hxjbtn.bat [2014-07-07] ()
Task: {53752472-D7A0-483E-A31A-204A8E322315} - System32\Tasks\yrdwpbam => C:\Users\Manni\AppData\Local\yrdwpbam.bat [2014-07-07] ()
Task: {568FC11B-13C4-49BB-BB4F-321161212AAA} - System32\Tasks\cxmbwla => C:\Users\Manni\AppData\Local\cxmbwla.bat [2014-07-07] ()
Task: {5D83D403-C505-4611-800F-7988B37C0742} - System32\Tasks\thlxdj => C:\Users\Manni\AppData\Local\thlxdj.bat [2014-07-07] ()
Task: {62354AA0-9626-4046-94DB-35143ED1C08A} - System32\Tasks\rwbfjosw => C:\Users\Manni\AppData\Local\rwbfjosw.bat [2014-07-07] ()
Task: {6596B45D-E47E-4C1B-A5E0-D241F21430B4} - System32\Tasks\4680 => Wscript.exe C:\Users\Manni\AppData\Local\Temp\launchie.vbs //B
Task: {68F6D1D5-5AF5-4D8D-833D-97D113BB174C} - System32\Tasks\cmymq => C:\Users\Manni\AppData\Local\cmymq.bat
Task: {70380FC0-647A-4D69-A5B9-152A28069808} - System32\Tasks\cncwr => C:\Users\Manni\AppData\Local\cncwr.bat [2014-07-07] ()
Task: {A25851BB-A2DE-49F0-88D0-E2E6804C50B1} - System32\Tasks\zercimy => C:\Users\Manni\AppData\Local\zercimy.bat [2014-07-07] ()
Task: {AAC68578-92E8-4703-A1C8-C20D6AF38F62} - System32\Tasks\euldbj => C:\Users\Manni\AppData\Local\euldbj.bat [2014-07-07] ()
Task: {B4753996-0693-45AB-B44E-629A03944B11} - System32\Tasks\ckcqenf => C:\Users\Manni\AppData\Local\ckcqenf.bat [2014-07-07] ()
Task: {BB656CB5-DD11-4A97-979B-45104C51E9A3} - System32\Tasks\blerf => C:\Users\Manni\AppData\Local\blerf.bat
Task: {BDD59F76-4315-48B1-945F-B2E4CDE7F910} - System32\Tasks\jfcyuqn => C:\Users\Manni\AppData\Local\jfcyuqn.bat [2014-07-07] ()
Task: {C4BEB79C-0B57-4EB6-A170-AE20FCF84421} - System32\Tasks\dultkbj => C:\Users\Manni\AppData\Local\dultkbj.bat [2014-07-07] ()
Task: {CBAF75D9-4A25-4041-A2F5-5FB4214D7480} - System32\Tasks\rdfqa => C:\Users\Manni\AppData\Local\rdfqa.bat
Task: {D6720897-3796-4410-B465-BDFD4C6B848A} - System32\Tasks\cnaob => C:\Users\Manni\AppData\Local\cnaob.bat [2014-07-07] ()
Task: {D9D9CEEA-736D-42F6-82B0-2317C9599064} - System32\Tasks\sxbadc => C:\Users\Manni\AppData\Local\sxbadc.bat [2014-07-07] ()
Task: {DB802726-D195-4A90-98D6-1DA8CA90B528} - System32\Tasks\ykvhrd => C:\Users\Manni\AppData\Local\ykvhrd.bat
Task: {E26D4FC0-020D-4882-A2CA-122EF3642D99} - System32\Tasks\tbhutb => C:\Users\Manni\AppData\Local\tbhutb.bat [2014-07-07] ()
Task: {E41A9173-3D19-4554-8AB5-BA876DFE5441} - System32\Tasks\numss => C:\Users\Manni\AppData\Local\numss.bat [2014-07-07] ()
Task: {E41F8BE0-222B-4402-8CD1-AB2C2C0C98FD} - System32\Tasks\cfaefde => C:\Users\Manni\AppData\Local\cfaefde.bat [2014-07-07] ()
Task: {E96E061B-0CC6-4D5C-A090-A798A94DF377} - System32\Tasks\kawlb => C:\Users\Manni\AppData\Local\kawlb.bat [2014-07-07] ()
Task: {EBC9B429-D6AE-4B26-A4D0-F579ABAD46A5} - System32\Tasks\psbwfitn => C:\Users\Manni\AppData\Local\psbwfitn.bat [2014-07-07] ()
Task: {EEECBA7C-C3ED-4744-84A9-B8BAF396CA8A} - System32\Tasks\eljqou => C:\Users\Manni\AppData\Local\eljqou.bat
C:\Users\Manni\AppData\Local\*.bat
EmptyTemp:
end
*****************

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{990af1c2-5a27-4460-8149-ecc6bc122af3} => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
"HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{990af1c2-5a27-4460-8149-ecc6bc122af3}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{990af1c2-5a27-4460-8149-ecc6bc122af3}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
"HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\caseyvelez@aol.com => Moved successfully.
C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515\Extensions\ff806580-6db3-4c09-ba06-d6caf0e99172@8453cb25-7fef-4ed5-8934-b08be5605617.com => Moved successfully.
C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikpbmdkdomofnnkcaoepabekgkedfhom => Moved successfully.
Update findopolis => Service deleted successfully.
"C:\Program Files (x86)\findopolis" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E27F6A1-8900-45BF-B630-C819492F06C2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E27F6A1-8900-45BF-B630-C819492F06C2}" => Key deleted successfully.
C:\Windows\System32\Tasks\cocwrgcn => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cocwrgcn" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{12A909A7-A915-4690-93E4-8C739E117D95}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12A909A7-A915-4690-93E4-8C739E117D95}" => Key deleted successfully.
C:\Windows\System32\Tasks\wfodnof => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wfodnof" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{13C0A6FB-F1D8-45E9-BE95-CB694C9EF0C8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13C0A6FB-F1D8-45E9-BE95-CB694C9EF0C8}" => Key deleted successfully.
C:\Windows\System32\Tasks\koswc => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\koswc" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E334E91-4473-4C00-95BF-1523CC431FEC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E334E91-4473-4C00-95BF-1523CC431FEC}" => Key deleted successfully.
C:\Windows\System32\Tasks\ttahnlby => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ttahnlby" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{27CE954C-20F7-4E97-AC66-0AE5817FF5D7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27CE954C-20F7-4E97-AC66-0AE5817FF5D7}" => Key deleted successfully.
C:\Windows\System32\Tasks\kfuync => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\kfuync" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2DC77031-4158-43E6-A0D8-9348F4AACC7A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DC77031-4158-43E6-A0D8-9348F4AACC7A}" => Key deleted successfully.
C:\Windows\System32\Tasks\jgcebxt => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jgcebxt" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{34E8088A-C36B-429C-8DDD-7ADB2468760A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34E8088A-C36B-429C-8DDD-7ADB2468760A}" => Key deleted successfully.
C:\Windows\System32\Tasks\bcidpkfz => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bcidpkfz" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{37EDA866-EA3A-4CDF-80A3-6C18F6BD0313}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37EDA866-EA3A-4CDF-80A3-6C18F6BD0313}" => Key deleted successfully.
C:\Windows\System32\Tasks\atviuwjb => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\atviuwjb" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{389AD2E4-023F-47CC-AD91-B636F7F141A3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{389AD2E4-023F-47CC-AD91-B636F7F141A3}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{395760AC-D090-4C72-84A0-F51FF9671608}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{395760AC-D090-4C72-84A0-F51FF9671608}" => Key deleted successfully.
C:\Windows\System32\Tasks\vvlltc => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\vvlltc" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3EB9C719-B90B-478A-8CB5-14FA78FC1DA9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EB9C719-B90B-478A-8CB5-14FA78FC1DA9}" => Key deleted successfully.
C:\Windows\System32\Tasks\hcuojdw => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hcuojdw" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{452C3DE2-2BA0-455B-A340-894553A2480B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{452C3DE2-2BA0-455B-A340-894553A2480B}" => Key deleted successfully.
C:\Windows\System32\Tasks\xildor => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\xildor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{470255AC-3406-44C6-8B03-EF695BCB09EA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{470255AC-3406-44C6-8B03-EF695BCB09EA}" => Key deleted successfully.
C:\Windows\System32\Tasks\vckzyho => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\vckzyho" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{482F6C06-2026-4877-9AF1-D954C02AE723}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{482F6C06-2026-4877-9AF1-D954C02AE723}" => Key deleted successfully.
C:\Windows\System32\Tasks\hxjbtn => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hxjbtn" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53752472-D7A0-483E-A31A-204A8E322315}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53752472-D7A0-483E-A31A-204A8E322315}" => Key deleted successfully.
C:\Windows\System32\Tasks\yrdwpbam => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\yrdwpbam" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{568FC11B-13C4-49BB-BB4F-321161212AAA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{568FC11B-13C4-49BB-BB4F-321161212AAA}" => Key deleted successfully.
C:\Windows\System32\Tasks\cxmbwla => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cxmbwla" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5D83D403-C505-4611-800F-7988B37C0742}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D83D403-C505-4611-800F-7988B37C0742}" => Key deleted successfully.
C:\Windows\System32\Tasks\thlxdj => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\thlxdj" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{62354AA0-9626-4046-94DB-35143ED1C08A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62354AA0-9626-4046-94DB-35143ED1C08A}" => Key deleted successfully.
C:\Windows\System32\Tasks\rwbfjosw => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\rwbfjosw" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6596B45D-E47E-4C1B-A5E0-D241F21430B4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6596B45D-E47E-4C1B-A5E0-D241F21430B4}" => Key deleted successfully.
C:\Windows\System32\Tasks\4680 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4680" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{68F6D1D5-5AF5-4D8D-833D-97D113BB174C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68F6D1D5-5AF5-4D8D-833D-97D113BB174C}" => Key deleted successfully.
C:\Windows\System32\Tasks\cmymq => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cmymq" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{70380FC0-647A-4D69-A5B9-152A28069808}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70380FC0-647A-4D69-A5B9-152A28069808}" => Key deleted successfully.
C:\Windows\System32\Tasks\cncwr => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cncwr" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A25851BB-A2DE-49F0-88D0-E2E6804C50B1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A25851BB-A2DE-49F0-88D0-E2E6804C50B1}" => Key deleted successfully.
C:\Windows\System32\Tasks\zercimy => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\zercimy" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AAC68578-92E8-4703-A1C8-C20D6AF38F62}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAC68578-92E8-4703-A1C8-C20D6AF38F62}" => Key deleted successfully.
C:\Windows\System32\Tasks\euldbj => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\euldbj" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B4753996-0693-45AB-B44E-629A03944B11}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4753996-0693-45AB-B44E-629A03944B11}" => Key deleted successfully.
C:\Windows\System32\Tasks\ckcqenf => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ckcqenf" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BB656CB5-DD11-4A97-979B-45104C51E9A3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB656CB5-DD11-4A97-979B-45104C51E9A3}" => Key deleted successfully.
C:\Windows\System32\Tasks\blerf => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\blerf" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BDD59F76-4315-48B1-945F-B2E4CDE7F910}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDD59F76-4315-48B1-945F-B2E4CDE7F910}" => Key deleted successfully.
C:\Windows\System32\Tasks\jfcyuqn => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jfcyuqn" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C4BEB79C-0B57-4EB6-A170-AE20FCF84421}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4BEB79C-0B57-4EB6-A170-AE20FCF84421}" => Key deleted successfully.
C:\Windows\System32\Tasks\dultkbj => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dultkbj" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CBAF75D9-4A25-4041-A2F5-5FB4214D7480}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBAF75D9-4A25-4041-A2F5-5FB4214D7480}" => Key deleted successfully.
C:\Windows\System32\Tasks\rdfqa => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\rdfqa" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6720897-3796-4410-B465-BDFD4C6B848A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6720897-3796-4410-B465-BDFD4C6B848A}" => Key deleted successfully.
C:\Windows\System32\Tasks\cnaob => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cnaob" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D9D9CEEA-736D-42F6-82B0-2317C9599064}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9D9CEEA-736D-42F6-82B0-2317C9599064}" => Key deleted successfully.
C:\Windows\System32\Tasks\sxbadc => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\sxbadc" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DB802726-D195-4A90-98D6-1DA8CA90B528}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB802726-D195-4A90-98D6-1DA8CA90B528}" => Key deleted successfully.
C:\Windows\System32\Tasks\ykvhrd => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ykvhrd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E26D4FC0-020D-4882-A2CA-122EF3642D99}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E26D4FC0-020D-4882-A2CA-122EF3642D99}" => Key deleted successfully.
C:\Windows\System32\Tasks\tbhutb => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\tbhutb" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E41A9173-3D19-4554-8AB5-BA876DFE5441}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E41A9173-3D19-4554-8AB5-BA876DFE5441}" => Key deleted successfully.
C:\Windows\System32\Tasks\numss => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\numss" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E41F8BE0-222B-4402-8CD1-AB2C2C0C98FD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E41F8BE0-222B-4402-8CD1-AB2C2C0C98FD}" => Key deleted successfully.
C:\Windows\System32\Tasks\cfaefde => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cfaefde" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E96E061B-0CC6-4D5C-A090-A798A94DF377}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E96E061B-0CC6-4D5C-A090-A798A94DF377}" => Key deleted successfully.
C:\Windows\System32\Tasks\kawlb => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\kawlb" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EBC9B429-D6AE-4B26-A4D0-F579ABAD46A5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBC9B429-D6AE-4B26-A4D0-F579ABAD46A5}" => Key deleted successfully.
C:\Windows\System32\Tasks\psbwfitn => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\psbwfitn" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EEECBA7C-C3ED-4744-84A9-B8BAF396CA8A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEECBA7C-C3ED-4744-84A9-B8BAF396CA8A}" => Key deleted successfully.
C:\Windows\System32\Tasks\eljqou => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\eljqou" => Key deleted successfully.
C:\Users\Manni\AppData\Local\*.bat => Moved successfully.
EmptyTemp: => Removed 200.2 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

Code:

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 13:40 on 25/08/2014 by Manni
Administrator - Elevation successful

========== regfind ==========

Searching for "Inbox"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 18"="[F00000000][T01CC94BA0232E6E0]*https://email.t-online.de/V3-6-2-0/srv-bin/mailbox?method=deliverMessagePart&p%5Bfolder%5D=INBOX&p%5Buid%5D=5481&p%5BmimePartId%5D=3&p%5Bdisposition%5D=inline"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 19"="[F00000000][T01CC8DAAFBE000E0]*https://email.t-online.de/V3-6-2-0/srv-bin/mailbox?method=deliverMessagePart&p%5Bfolder%5D=INBOX&p%5Buid%5D=5446&p%5BmimePartId%5D=2&p%5Bdisposition%5D=inline"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 20"="[F00000000][T01CC721F0D17D4C0]*https://email.t-online.de/V3-6-1-2/srv-bin/mailbox?method=deliverMessagePart&p%5Bfolder%5D=INBOX&p%5Buid%5D=5228&p%5BmimePartId%5D=2&p%5Bdisposition%5D=inline"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 22"="[F00000000][T01CC4EDFB9113D10]*https://email.t-online.de/V3-6-0-3/srv-bin/mailbox?method=deliverMessagePart&p%5Bfolder%5D=INBOX&p%5Buid%5D=4196&p%5BmimePartId%5D=2&p%5Bdisposition%5D=inline"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 23"="[F00000000][T01CC2464CA3E93D0]*https://email.t-online.de/V3-5-5-0/srv-bin/mailbox?method=deliverMessagePart&p%5Bfolder%5D=INBOX&p%5Buid%5D=4196&p%5BmimePartId%5D=2&p%5Bdisposition%5D=inline"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 24"="[F00000000][T01CC1A09E0EFC6E0]*https://email.t-online.de/V3-4-1-1/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX&params%5Buid%5D=4196&params%5BmimePartId%5D=2&params%5Bdisposition%5D=inline"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 25"="[F00000000][T01CC19FEDFA7DE90]*https://email.t-online.de/V3-4-1-1/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX&params%5Buid%5D=4349&params%5BmimePartId%5D=2&params%5Bdisposition%5D=inline"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 26"="[F00000000][T01CC0B078DE232F0]*https://email.t-online.de/V3-4-0-5/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX&params%5Buid%5D=4196&params%5BmimePartId%5D=2&params%5Bdisposition%5D=inline"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 27"="[F00000000][T01CBC38401B416B0]*https://email.t-online.de/V3-3-1-0/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX.Sent&params%5Buid%5D=2748&params%5BmimePartId%5D=2&params%5Bdisposition%5D=inline"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 28"="[F00000000][T01CBC1F70A37E7F0]*https://email.t-online.de/V3-3-0-5/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX&params%5Buid%5D=3622&params%5BmimePartId%5D=3&params%5Bdisposition%5D=inline"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 29"="[F00000000][T01CBC1F6F6B84C60]*https://email.t-online.de/V3-3-0-5/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX&params%5Buid%5D=3622&params%5BmimePartId%5D=2&params%5Bdisposition%5D=inline"
[HKEY_CURRENT_USER\Software\Microsoft\wfs\Inbox]
[HKEY_CURRENT_USER\Software\Microsoft\wfs\InboxView]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Inbox.CoInboxJS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Inbox.CoInboxJS]
@="Inbox"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Inbox.InboxServer]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Inbox.InboxServer]
@="InboxServer Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Inbox.WST404]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~de-DE~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~de-DE~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~0.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Shell-InboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Shell-MultiplayerInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~de-DE~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385]
"InstallName"="Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514]
"InstallName"="Microsoft-Windows-Shell-PremiumInboxGames-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\UpdateDetect\InboxGames]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-s..erinboxgames-common_31bf3856ad364e35_none_fab7fdca54484174]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-s..erinboxgames-spades_31bf3856ad364e35_none_903e6ba9eb89361b]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-s..inboxgames-checkers_31bf3856ad364e35_none_775d5ae92cdc55d5]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-s..inboxgames-freecell_31bf3856ad364e35_none_8b148db1f6acbf45]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-s..inboxgames-shanghai_31bf3856ad364e35_none_e8ed69ffd115b9b1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-s..iuminboxgames-chess_31bf3856ad364e35_none_ce35824f32f27a22]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-s..l-inboxgames-hearts_31bf3856ad364e35_none_5ec151a2fd024d4c]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Inbox_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Inbox_RASMANCS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1400 series]
"MinInboxDriverVerDate"="01/01/1601"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1400 series]
"MinInboxDriverVerVersion"="0.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1500 series]
"MinInboxDriverVerDate"="06/21/2006"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1500 series]
"MinInboxDriverVerVersion"="6.1.7600.16385"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Environments\Windows x64\Drivers\Version-3\HP psc 2200 Series]
"MinInboxDriverVerDate"="01/01/1601"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Environments\Windows x64\Drivers\Version-3\HP psc 2200 Series]
"MinInboxDriverVerVersion"="0.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft Shared Fax Driver]
"MinInboxDriverVerDate"="01/01/1601"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft Shared Fax Driver]
"MinInboxDriverVerVersion"="0.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft XPS Document Writer]
"MinInboxDriverVerDate"="06/21/2006"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft XPS Document Writer]
"MinInboxDriverVerVersion"="6.1.7601.17514"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ARCSAS\0000]
"DeviceDesc"="Adaptec SAS/SATA-II RAID-Windows-Inbox-Miniporttreiber"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\arcsas]
"DisplayName"="Adaptec SAS/SATA-II RAID-Windows-Inbox-Miniporttreiber"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1400 series]
"MinInboxDriverVerDate"="01/01/1601"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1400 series]
"MinInboxDriverVerVersion"="0.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1500 series]
"MinInboxDriverVerDate"="06/21/2006"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1500 series]
"MinInboxDriverVerVersion"="6.1.7600.16385"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Environments\Windows x64\Drivers\Version-3\HP psc 2200 Series]
"MinInboxDriverVerDate"="01/01/1601"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Environments\Windows x64\Drivers\Version-3\HP psc 2200 Series]
"MinInboxDriverVerVersion"="0.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft Shared Fax Driver]
"MinInboxDriverVerDate"="01/01/1601"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft Shared Fax Driver]
"MinInboxDriverVerVersion"="0.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft XPS Document Writer]
"MinInboxDriverVerDate"="06/21/2006"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft XPS Document Writer]
"MinInboxDriverVerVersion"="6.1.7601.17514"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_ARCSAS\0000]
"DeviceDesc"="Adaptec SAS/SATA-II RAID-Windows-Inbox-Miniporttreiber"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\arcsas]
"DisplayName"="Adaptec SAS/SATA-II RAID-Windows-Inbox-Miniporttreiber"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1400 series]
"MinInboxDriverVerDate"="01/01/1601"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1400 series]
"MinInboxDriverVerVersion"="0.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1500 series]
"MinInboxDriverVerDate"="06/21/2006"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\HP PSC 1500 series]
"MinInboxDriverVerVersion"="6.1.7600.16385"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\HP psc 2200 Series]
"MinInboxDriverVerDate"="01/01/1601"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\HP psc 2200 Series]
"MinInboxDriverVerVersion"="0.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft Shared Fax Driver]
"MinInboxDriverVerDate"="01/01/1601"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft Shared Fax Driver]
"MinInboxDriverVerVersion"="0.0.0.0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft XPS Document Writer]
"MinInboxDriverVerDate"="06/21/2006"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\Microsoft XPS Document Writer]
"MinInboxDriverVerVersion"="6.1.7601.17514"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ARCSAS\0000]
"DeviceDesc"="Adaptec SAS/SATA-II RAID-Windows-Inbox-Miniporttreiber"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\arcsas]
"DisplayName"="Adaptec SAS/SATA-II RAID-Windows-Inbox-Miniporttreiber"
[HKEY_USERS\S-1-5-19\Software\Microsoft\wfs\InboxView]
[HKEY_USERS\S-1-5-20\Software\Microsoft\wfs\InboxView]
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 18"="[F00000000][T01CC94BA0232E6E0]*https://email.t-online.de/V3-6-2-0/srv-bin/mailbox?method=deliverMessagePart&p%5Bfolder%5D=INBOX&p%5Buid%5D=5481&p%5BmimePartId%5D=3&p%5Bdisposition%5D=inline"
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 19"="[F00000000][T01CC8DAAFBE000E0]*https://email.t-online.de/V3-6-2-0/srv-bin/mailbox?method=deliverMessagePart&p%5Bfolder%5D=INBOX&p%5Buid%5D=5446&p%5BmimePartId%5D=2&p%5Bdisposition%5D=inline"
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 20"="[F00000000][T01CC721F0D17D4C0]*https://email.t-online.de/V3-6-1-2/srv-bin/mailbox?method=deliverMessagePart&p%5Bfolder%5D=INBOX&p%5Buid%5D=5228&p%5BmimePartId%5D=2&p%5Bdisposition%5D=inline"
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 22"="[F00000000][T01CC4EDFB9113D10]*https://email.t-online.de/V3-6-0-3/srv-bin/mailbox?method=deliverMessagePart&p%5Bfolder%5D=INBOX&p%5Buid%5D=4196&p%5BmimePartId%5D=2&p%5Bdisposition%5D=inline"
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 23"="[F00000000][T01CC2464CA3E93D0]*https://email.t-online.de/V3-5-5-0/srv-bin/mailbox?method=deliverMessagePart&p%5Bfolder%5D=INBOX&p%5Buid%5D=4196&p%5BmimePartId%5D=2&p%5Bdisposition%5D=inline"
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 24"="[F00000000][T01CC1A09E0EFC6E0]*https://email.t-online.de/V3-4-1-1/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX&params%5Buid%5D=4196&params%5BmimePartId%5D=2&params%5Bdisposition%5D=inline"
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 25"="[F00000000][T01CC19FEDFA7DE90]*https://email.t-online.de/V3-4-1-1/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX&params%5Buid%5D=4349&params%5BmimePartId%5D=2&params%5Bdisposition%5D=inline"
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 26"="[F00000000][T01CC0B078DE232F0]*https://email.t-online.de/V3-4-0-5/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX&params%5Buid%5D=4196&params%5BmimePartId%5D=2&params%5Bdisposition%5D=inline"
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 27"="[F00000000][T01CBC38401B416B0]*https://email.t-online.de/V3-3-1-0/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX.Sent&params%5Buid%5D=2748&params%5BmimePartId%5D=2&params%5Bdisposition%5D=inline"
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 28"="[F00000000][T01CBC1F70A37E7F0]*https://email.t-online.de/V3-3-0-5/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX&params%5Buid%5D=3622&params%5BmimePartId%5D=3&params%5Bdisposition%5D=inline"
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Office\12.0\PowerPoint\File MRU]
"Item 29"="[F00000000][T01CBC1F6F6B84C60]*https://email.t-online.de/V3-3-0-5/srv-bin/mailbox?method=deliverMessagePart&params%5Bfolder%5D=INBOX&params%5Buid%5D=3622&params%5BmimePartId%5D=2&params%5Bdisposition%5D=inline"
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\wfs\Inbox]
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\wfs\InboxView]

Searching for "predm"
No data found.

Searching for "SupTab"
No data found.

Searching for "WeatherAlerts"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WeatherAlerts_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WeatherAlerts_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DesktopWeatherAlertsApp_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DesktopWeatherAlertsApp_RASMANCS]

Searching for "Activeris"
No data found.

Searching for "WhiteSmoke"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Updater By Sweetpacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.com":"q","search.utorrent.com":"","se
[HKEY_USERS\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-418493526-2778782540-3642645566-1000\Software\Updater By Sweetpacks\script_storage]
"WSG_whiteList"="{"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylo

Searching for "findopolis"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\findopolis_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\findopolis_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatefindopolis_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatefindopolis_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilfindopolis_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilfindopolis_RASMANCS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Update findopolis]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Update findopolis]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update findopolis]

-= EOF =-

0815Horst · 25.08.2014, 12:59

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2014
Ran by Manni (administrator) on LAPPI-MANNI on 25-08-2014 13:48:59
Running from C:\Users\Manni\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-11-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [T-Home Dialerschutz-Software] => C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe [1974408 2010-03-29] (T-Systems International GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-29] (Easybits)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {16ED00DE-DF19-4BC9-9E03-52C3121B7124} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKCU - {8E25DF21-98F1-47A6-A2A4-3C261D916603} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7AURU_deDE498
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2014-08-01]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-07-13]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF [2014-04-01]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: 
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (YouTube) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Google-Suche) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Norton Identity Protection) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-06-07]
CHR Extension: (Google Wallet) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Google Mail) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx [2011-12-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 DFSVC; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe [376832 2009-10-21] (T-Systems International GmbH) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R3 DFSYS; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS [17952 2009-10-15] (T-Systems International GmbH)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-13] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-13] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140730.002\IDSvia64.sys [525016 2014-03-31] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\ENG64.SYS [126040 2014-07-18] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\EX64.SYS [2099288 2014-07-18] (Symantec Corporation)
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI64.sys [28192 2009-10-15] (T-Systems International GmbH)
S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-31] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 TridVid; C:\Windows\System32\DRIVERS\TridVid6010.sys [287488 2010-10-10] (10Moons Technologies Co.,Ltd)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 13:40 - 2014-08-25 13:47 - 00051532 _____ () C:\Users\Manni\Desktop\SystemLook.txt
2014-08-25 13:39 - 2014-08-25 13:39 - 00165376 _____ () C:\Users\Manni\Desktop\SystemLook_x64.exe
2014-08-25 11:38 - 2014-08-25 11:38 - 00001747 _____ () C:\Users\Manni\Desktop\JRT.txt
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 10:58 - 2014-08-25 10:59 - 01016261 _____ (Thisisu) C:\Users\Manni\Desktop\JRT.exe
2014-08-25 10:49 - 2014-08-25 10:49 - 00003495 _____ () C:\Users\Manni\Desktop\mbam.txt
2014-08-25 09:49 - 2014-08-25 13:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 09:45 - 2014-08-25 09:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-25 09:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-25 09:45 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-25 09:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-25 09:42 - 2014-08-25 09:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manni\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-25 09:38 - 2014-08-25 09:38 - 00039901 _____ () C:\Users\Manni\Desktop\AdwCleaner[S0].txt
2014-08-25 09:28 - 2014-08-25 09:34 - 00000000 ____D () C:\AdwCleaner
2014-08-25 09:26 - 2014-08-25 09:27 - 01364531 _____ () C:\Users\Manni\Desktop\adwcleaner_3.308.exe
2014-08-23 11:32 - 2014-08-23 11:32 - 00029498 _____ () C:\ComboFix.txt
2014-08-23 11:01 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 11:01 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 11:01 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 11:01 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 11:01 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 11:00 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 11:00 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 11:00 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 11:00 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-22 18:30 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-22 18:30 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-22 18:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-22 18:22 - 2014-08-23 11:32 - 00000000 ____D () C:\Qoobox
2014-08-22 18:20 - 2014-08-23 11:29 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 18:15 - 2014-08-22 18:14 - 05572006 ____R (Swearware) C:\Users\Manni\Desktop\ComboFix.exe
2014-08-22 18:13 - 2014-08-22 18:14 - 05572006 _____ (Swearware) C:\Users\Manni\Downloads\ComboFix.exe
2014-08-22 15:01 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-22 15:01 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-22 15:01 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-22 15:01 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-22 15:01 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-22 15:01 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-22 15:01 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-22 15:01 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-22 14:56 - 2014-08-25 11:43 - 00040829 _____ () C:\Users\Manni\Desktop\Addition.txt
2014-08-22 14:52 - 2014-08-25 13:51 - 00021494 _____ () C:\Users\Manni\Desktop\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:48 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe
2014-08-22 13:53 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-22 13:53 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-22 13:53 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-22 13:53 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-22 13:53 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-22 13:52 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-22 13:45 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-22 13:45 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-22 13:45 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-22 13:45 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-22 13:45 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-22 13:45 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-22 13:45 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-22 13:45 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-22 13:45 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-22 13:45 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-22 13:45 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-22 13:45 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-22 13:45 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-22 13:45 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-22 13:44 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-22 13:44 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-22 13:44 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-22 13:44 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-22 13:44 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-22 13:44 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-22 13:44 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-22 13:44 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-22 13:44 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-22 13:44 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-22 13:44 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-22 13:44 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-22 13:44 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-22 13:44 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-22 13:44 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-22 13:44 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-22 13:44 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-22 13:44 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-22 13:44 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-22 13:44 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-22 13:44 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-22 13:44 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-22 13:44 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-22 13:44 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-22 13:44 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-22 13:44 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-22 13:44 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-22 13:44 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-22 13:44 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-22 13:44 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-22 13:44 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-22 13:44 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-22 13:44 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-22 13:44 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-22 13:44 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-22 13:44 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-22 13:44 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-22 13:44 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-22 13:44 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-22 13:44 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-22 13:44 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-22 13:44 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-22 13:44 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-22 13:44 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-22 13:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-22 13:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-22 13:39 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-22 13:39 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk
2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 13:30 - 2014-08-25 13:49 - 00000000 ____D () C:\FRST
2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3)
2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist
2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp
2014-07-31 10:04 - 2014-07-31 10:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 13:51 - 2014-08-22 14:52 - 00021494 _____ () C:\Users\Manni\Desktop\FRST.txt
2014-08-25 13:49 - 2014-08-22 13:30 - 00000000 ____D () C:\FRST
2014-08-25 13:47 - 2014-08-25 13:40 - 00051532 _____ () C:\Users\Manni\Desktop\SystemLook.txt
2014-08-25 13:44 - 2012-05-31 18:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-25 13:44 - 2011-02-15 18:33 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-25 13:44 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-25 13:44 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-25 13:43 - 2010-03-18 02:27 - 01846576 _____ () C:\Windows\WindowsUpdate.log
2014-08-25 13:40 - 2009-07-14 06:51 - 01006979 _____ () C:\Windows\setupact.log
2014-08-25 13:39 - 2014-08-25 13:39 - 00165376 _____ () C:\Users\Manni\Desktop\SystemLook_x64.exe
2014-08-25 13:37 - 2014-08-25 09:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 13:37 - 2011-08-28 16:09 - 01024000 ___SH () C:\Users\Manni\Desktop\Thumbs.db
2014-08-25 13:36 - 2014-06-11 19:11 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-25 13:36 - 2011-02-15 18:33 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-25 13:36 - 2010-03-18 02:29 - 02149528 _____ () C:\Windows\PFRO.log
2014-08-25 13:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-25 13:33 - 2011-11-08 14:11 - 00000000 ____D () C:\Users\Manni\AppData\Local\CrashDumps
2014-08-25 11:43 - 2014-08-22 14:56 - 00040829 _____ () C:\Users\Manni\Desktop\Addition.txt
2014-08-25 11:38 - 2014-08-25 11:38 - 00001747 _____ () C:\Users\Manni\Desktop\JRT.txt
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 10:59 - 2014-08-25 10:58 - 01016261 _____ (Thisisu) C:\Users\Manni\Desktop\JRT.exe
2014-08-25 10:49 - 2014-08-25 10:49 - 00003495 _____ () C:\Users\Manni\Desktop\mbam.txt
2014-08-25 10:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2014-08-25 09:45 - 2014-08-25 09:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-25 09:43 - 2014-08-25 09:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manni\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-25 09:38 - 2014-08-25 09:38 - 00039901 _____ () C:\Users\Manni\Desktop\AdwCleaner[S0].txt
2014-08-25 09:34 - 2014-08-25 09:28 - 00000000 ____D () C:\AdwCleaner
2014-08-25 09:34 - 2013-11-29 19:43 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-25 09:34 - 2010-11-02 13:55 - 00000995 _____ () C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-25 09:34 - 2010-11-02 13:50 - 00000000 ____D () C:\Users\Manni
2014-08-25 09:27 - 2014-08-25 09:26 - 01364531 _____ () C:\Users\Manni\Desktop\adwcleaner_3.308.exe
2014-08-25 09:27 - 2011-06-14 09:07 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A8B97CD3-7C97-48E7-8FFF-7B2BF938225D}
2014-08-23 11:32 - 2014-08-23 11:32 - 00029498 _____ () C:\ComboFix.txt
2014-08-23 11:32 - 2014-08-22 18:22 - 00000000 ____D () C:\Qoobox
2014-08-23 11:32 - 2014-04-23 08:56 - 00000000 ____D () C:\Users\dub_cm_auto
2014-08-23 11:29 - 2014-08-22 18:20 - 00000000 ____D () C:\Windows\erdnt
2014-08-23 11:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-23 11:23 - 2009-07-14 04:34 - 91750400 _____ () C:\Windows\system32\config\software.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 17301504 _____ () C:\Windows\system32\config\system.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-08-22 18:14 - 2014-08-22 18:15 - 05572006 ____R (Swearware) C:\Users\Manni\Desktop\ComboFix.exe
2014-08-22 18:14 - 2014-08-22 18:13 - 05572006 _____ (Swearware) C:\Users\Manni\Downloads\ComboFix.exe
2014-08-22 15:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-22 15:22 - 2009-11-14 18:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-22 15:13 - 2013-08-14 18:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-22 15:08 - 2010-11-02 14:53 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-22 15:00 - 2014-05-06 22:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-22 14:48 - 2014-08-22 14:45 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe
2014-08-22 13:56 - 2011-11-01 15:32 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-22 13:56 - 2010-12-08 16:29 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk
2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 12:39 - 2014-07-14 16:05 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-08-22 12:39 - 2014-03-31 17:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-08-22 12:39 - 2014-01-21 13:02 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-22 12:39 - 2011-06-08 14:39 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-08-22 12:39 - 2010-03-18 02:43 - 00000000 ____D () C:\ProgramData\Norton
2014-08-22 12:39 - 2009-11-15 02:15 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-22 12:38 - 2014-07-08 20:15 - 00000000 ____D () C:\Program Files (x86)\F978377C-B7D4-4536-8E10-14CA97B13394
2014-08-22 12:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-22 12:31 - 2013-07-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-18 15:47 - 2012-06-17 14:17 - 00000000 ____D () C:\Users\Manni\Sigrid_Rezepte
2014-08-15 15:32 - 2010-11-03 15:21 - 00000000 ____D () C:\Users\Manni\Kegeln
2014-08-10 08:46 - 2013-10-21 17:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3)
2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist
2014-08-07 04:06 - 2014-08-22 13:39 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-22 13:39 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 19:09 - 2010-11-13 15:30 - 00000000 ____D () C:\Users\Manni\FZ
2014-08-05 11:30 - 2014-05-30 17:01 - 00000000 ____D () C:\temp
2014-08-01 12:39 - 2013-11-29 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 01:41 - 2014-08-22 13:44 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-22 13:44 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp
2014-07-31 17:36 - 2011-06-16 16:24 - 00000000 ____D () C:\Windows\Minidump
2014-07-31 17:36 - 2011-06-16 16:23 - 315134067 _____ () C:\Windows\MEMORY.DMP
2014-07-31 16:44 - 2013-12-29 09:58 - 00000000 ____D () C:\ProgramData\Easybits Magic Desktop for HP
2014-07-31 10:06 - 2014-07-31 10:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 09:52 - 2014-07-23 10:52 - 00000000 ____D () C:\Users\Manni\Desktop\Arbeitssicherheit

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-02-25 16:11

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2014
Ran by Manni at 2014-08-25 13:52:37
Running from C:\Users\Manni\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Online (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
1400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
1400_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD USB Filter Driver (HKLM-x32\...\{5271C0D4-24E4-4C3D-A782-C012033FD3CF}) (Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0804.2223.38385 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help English (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help French (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help German (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0804.2223.38385 - ATI) Hidden
Cinema-Plus-1.2 (HKLM-x32\...\Cinema-Plus-1.2) (Version: 1.34.7.1 - Cinema Plus)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2111 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3325 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 4.1.3325 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1005 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.1.1005 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2130 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2130 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2201 - CyberLink Corp.) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.2 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.7.0 - )
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardcopy (C:\Program Files (x86)\Hardcopy) (HKLM-x32\...\Hardcopy(C__Program Files (x86)_Hardcopy)) (Version: 2011.02.12 - www.hardcopy.de)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Java(TM) 6 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416015FF}) (Version: 6.0.150 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2111 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}) (Version: 7.0.43.11502 - muvee Technologies Pte Ltd)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2202 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
T-Home Dialerschutz-Software (HKLM-x32\...\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}) (Version:  - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

10-08-2014 06:42:14 Installed Java 7 Update 67
10-08-2014 10:13:07 Removed Java(TM) SE Development Kit 6 Update 15 (64-bit)
14-08-2014 20:31:17 Windows Update
22-08-2014 10:06:54 Wiederherstellungsvorgang
22-08-2014 11:42:31 Revo Uninstaller's restore point - Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:44:55 Removed Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:55:33 Revo Uninstaller's restore point - Search Protect
22-08-2014 11:59:40 Revo Uninstaller's restore point - video MediaPlay-Air
22-08-2014 12:26:18 Revo Uninstaller's restore point - GMX Desktop Icons
22-08-2014 12:39:18 Revo Uninstaller's restore point - GMX MailCheck für Internet Explorer
22-08-2014 12:41:38 Revo Uninstaller's restore point - GMX Softwareaktualisierung
22-08-2014 12:59:57 Windows Update
23-08-2014 09:00:01 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-23 11:25 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00A2143C-288B-4611-88E8-4AEFCC12549C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {0315E158-5D1B-4C24-B7BD-CB737D944E07} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {2C7B34C0-9642-4F1C-8B21-47A364A0CCEB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {2E48DDAE-834D-414C-A0B4-6E966EB1878E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {5A63283D-215D-4428-8543-0BAD7DED2AE6} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5EEC57B0-4161-4A0B-83CD-0774565ED408} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {86F52852-72F6-442B-B69F-2582D219A477} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {97BAAC2D-ABB2-4594-A3D0-641A86D3AF81} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A04C623C-5D83-4B46-B3A5-AFF3211AB742} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {C7E4A8C7-0A49-40DB-B0B0-76F7B7E14CC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {DE7CAB67-59AD-4664-8A09-62E328D2C103} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-01-23 12:23 - 2010-04-21 10:59 - 00058880 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_x64.dll
2009-11-14 19:25 - 2009-07-06 21:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-03-01 13:37 - 2008-12-02 14:21 - 00041984 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_ex.exe
2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-10-02 16:46 - 2009-10-02 16:46 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-03-18 02:25 - 2010-03-18 02:25 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2011-01-23 12:23 - 2010-04-21 11:00 - 00058368 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_Win32.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2011-03-01 13:37 - 2011-02-04 09:35 - 00815616 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2011-03-01 13:37 - 2010-09-30 10:14 - 00055296 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_03.dll
2014-07-31 10:05 - 2014-07-31 10:05 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/25/2014 01:32:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x13a4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3


System errors:
=============
Error: (08/25/2014 01:37:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/25/2014 01:36:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BHDrvx64
SRTSP

Error: (08/25/2014 01:36:34 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (08/25/2014 01:36:29 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (08/25/2014 01:36:18 PM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.

Error: (08/25/2014 01:25:29 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (07/29/2014 10:26:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 116 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/29/2014 10:25:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 253 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/08/2014 00:06:50 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/29/2013 05:42:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14026 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/13/2012 00:34:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1107 seconds with 240 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-08-25 13:50:08.875
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-25 12:05:34.042
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-23 11:20:55.401
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-23 11:20:54.652
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-22 14:52:21.161
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 14:39:16.298
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 14:24:54.170
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 12:08:41.049
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-19 07:22:24.312
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 08:17:50.468
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II Dual-Core M320
Percentage of memory in use: 46%
Total physical RAM: 1788.2 MB
Available physical RAM: 947.84 MB
Total Pagefile: 3576.4 MB
Available Pagefile: 1701.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:219.13 GB) (Free:142.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.46 GB) (Free:2.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 041DF713)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=219.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

M-K-D-B · 25.08.2014, 14:50

Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 3 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WeatherAlerts_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WeatherAlerts_RASMANCS
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DesktopWeatherAlertsApp_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DesktopWeatherAlertsApp_RASMANCS
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\findopolis_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\findopolis_RASMANCS
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatefindopolis_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatefindopolis_RASMANCS
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilfindopolis_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilfindopolis_RASMANCS
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update findopolis
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von SecurityCheck.

0815Horst · 26.08.2014, 06:58

Hallo,

also Schritt 1 ist kein Problem. Das habe ich gemacht... Hier der log.

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-08-2014
Ran by Manni at 2014-08-25 15:57:07 Run:2
Running from C:\Users\Manni\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WeatherAlerts_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WeatherAlerts_RASMANCS
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DesktopWeatherAlertsApp_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DesktopWeatherAlertsApp_RASMANCS
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\findopolis_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\findopolis_RASMANCS
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatefindopolis_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatefindopolis_RASMANCS
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilfindopolis_RASAPI32
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilfindopolis_RASMANCS
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update findopolis
EmptyTemp:
end
*****************

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WeatherAlerts_RASAPI32 => Key deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\WeatherAlerts_RASMANCS => Key deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DesktopWeatherAlertsApp_RASAPI32 => Key deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\DesktopWeatherAlertsApp_RASMANCS => Key deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\findopolis_RASAPI32 => Key deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\findopolis_RASMANCS => Key deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatefindopolis_RASAPI32 => Key deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatefindopolis_RASMANCS => Key deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilfindopolis_RASAPI32 => Key deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilfindopolis_RASMANCS => Key deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update findopolis => Key deleted successfully.
EmptyTemp: => Removed 26.6 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

Bei Schritt 2 komme ich nicht weiter, da mir ne Meldung mit nem Proxy angezeigt wird. Ich habe aber kein Proxy und er will einfach nicht starten :-(

M-K-D-B · 26.08.2014, 11:38

Servus,

das Tool hier ausführen und danach gleich ESET nochmal versuchen...

Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool

Setze einen Haken bei folgenden Einträgen

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings

Klicke Go und poste den Inhalt der Result.txt.

0815Horst · 26.08.2014, 11:44

Hallo,
habe ich ausgeführt.. aber ESET geht immer noch nicht.. gleich Fehlermeldung

Code:

ATTFilter

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Manni (administrator) on 26-08-2014 at 12:42:49
Running from "C:\Users\Manni\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

"Reset FF Proxy Settings": Firefox Proxy settings were reset.


**** End of log ****

M-K-D-B · 26.08.2014, 11:48

Servus,

FRST nochmal zur Kontrolle bitte:

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

0815Horst · 26.08.2014, 12:04

Aber klar doch...

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2014
Ran by Manni (administrator) on LAPPI-MANNI on 26-08-2014 12:59:35
Running from C:\Users\Manni\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(sw4you, Siegfried Weckmann) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(T-Systems International GmbH) C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-11-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [T-Home Dialerschutz-Software] => C:\Program Files (x86)\T-Home\Dialerschutz-Software\Defender64.exe [1974408 2010-03-29] (T-Systems International GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-29] (Easybits)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\S-1-5-21-418493526-2778782540-3642645566-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {16ED00DE-DF19-4BC9-9E03-52C3121B7124} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKCU - {8E25DF21-98F1-47A6-A2A4-3C261D916603} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7AURU_deDE498
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Manni\AppData\Roaming\Mozilla\Firefox\Profiles\380272r2.default-1404892408515
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2014-08-01]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-07-13]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF [2014-04-01]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: 
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (YouTube) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Google-Suche) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Norton Identity Protection) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-06-07]
CHR Extension: (Google Wallet) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Google Mail) - C:\Users\Manni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx [2011-12-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 DFSVC; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFInject64.exe [376832 2009-10-21] (T-Systems International GmbH) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2014-02-25] (Symantec Corporation)
R3 DFSYS; C:\Program Files (x86)\T-Home\Dialerschutz-Software\DFSYS64.SYS [17952 2009-10-15] (T-Systems International GmbH)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-13] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-13] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140730.002\IDSvia64.sys [525016 2014-03-31] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\ENG64.SYS [126040 2014-07-18] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140731.001\EX64.SYS [2099288 2014-07-18] (Symantec Corporation)
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI64.sys [28192 2009-10-15] (T-Systems International GmbH)
S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-31] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 TridVid; C:\Windows\System32\DRIVERS\TridVid6010.sys [287488 2010-10-10] (10Moons Technologies Co.,Ltd)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 12:42 - 2014-08-26 12:42 - 00401920 _____ (Farbar) C:\Users\Manni\Desktop\MiniToolBox.exe
2014-08-26 12:42 - 2014-08-26 12:42 - 00000591 _____ () C:\Users\Manni\Desktop\Result.txt
2014-08-25 16:04 - 2014-08-25 16:04 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-25 16:02 - 2014-08-25 16:02 - 02347384 _____ (ESET) C:\Users\Manni\Desktop\esetsmartinstaller_deu.exe
2014-08-25 13:40 - 2014-08-25 13:47 - 00051532 _____ () C:\Users\Manni\Desktop\SystemLook.txt
2014-08-25 13:39 - 2014-08-25 13:39 - 00165376 _____ () C:\Users\Manni\Desktop\SystemLook_x64.exe
2014-08-25 11:38 - 2014-08-25 11:38 - 00001747 _____ () C:\Users\Manni\Desktop\JRT.txt
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 10:58 - 2014-08-25 10:59 - 01016261 _____ (Thisisu) C:\Users\Manni\Desktop\JRT.exe
2014-08-25 10:49 - 2014-08-25 10:49 - 00003495 _____ () C:\Users\Manni\Desktop\mbam.txt
2014-08-25 09:49 - 2014-08-26 12:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 09:45 - 2014-08-25 09:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-25 09:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-25 09:45 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-25 09:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-25 09:42 - 2014-08-25 09:43 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manni\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-25 09:38 - 2014-08-25 09:38 - 00039901 _____ () C:\Users\Manni\Desktop\AdwCleaner[S0].txt
2014-08-25 09:28 - 2014-08-25 09:34 - 00000000 ____D () C:\AdwCleaner
2014-08-25 09:26 - 2014-08-25 09:27 - 01364531 _____ () C:\Users\Manni\Desktop\adwcleaner_3.308.exe
2014-08-23 11:32 - 2014-08-23 11:32 - 00029498 _____ () C:\ComboFix.txt
2014-08-23 11:01 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 11:01 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 11:01 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 11:01 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 11:01 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 11:01 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 11:00 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 11:00 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 11:00 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 11:00 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-22 18:30 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-22 18:30 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-22 18:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-22 18:30 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-22 18:22 - 2014-08-23 11:32 - 00000000 ____D () C:\Qoobox
2014-08-22 18:20 - 2014-08-23 11:29 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 18:15 - 2014-08-22 18:14 - 05572006 ____R (Swearware) C:\Users\Manni\Desktop\ComboFix.exe
2014-08-22 18:13 - 2014-08-22 18:14 - 05572006 _____ (Swearware) C:\Users\Manni\Downloads\ComboFix.exe
2014-08-22 15:01 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-22 15:01 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-22 15:01 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-22 15:01 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-22 15:01 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-22 15:01 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-22 15:01 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-22 15:01 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-22 14:56 - 2014-08-25 13:54 - 00038041 _____ () C:\Users\Manni\Desktop\Addition.txt
2014-08-22 14:52 - 2014-08-26 13:00 - 00021409 _____ () C:\Users\Manni\Desktop\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:48 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe
2014-08-22 13:53 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-22 13:53 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-22 13:53 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-22 13:53 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-22 13:53 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-22 13:53 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-22 13:52 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-22 13:45 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-22 13:45 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-22 13:45 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-22 13:45 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-22 13:45 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-22 13:45 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-22 13:45 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-22 13:45 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-22 13:45 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-22 13:45 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-22 13:45 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-22 13:45 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-22 13:45 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-22 13:45 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-22 13:44 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-22 13:44 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-22 13:44 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-22 13:44 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-22 13:44 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-22 13:44 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-22 13:44 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-22 13:44 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-22 13:44 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-22 13:44 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-22 13:44 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-22 13:44 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-22 13:44 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-22 13:44 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-22 13:44 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-22 13:44 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-22 13:44 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-22 13:44 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-22 13:44 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-22 13:44 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-22 13:44 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-22 13:44 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-22 13:44 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-22 13:44 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-22 13:44 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-22 13:44 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-22 13:44 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-22 13:44 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-22 13:44 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-22 13:44 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-22 13:44 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-22 13:44 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-22 13:44 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-22 13:44 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-22 13:44 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-22 13:44 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-22 13:44 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-22 13:44 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-22 13:44 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-22 13:44 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-22 13:44 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-22 13:44 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-22 13:44 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-22 13:44 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-22 13:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-22 13:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-22 13:39 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-22 13:39 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk
2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 13:30 - 2014-08-26 12:59 - 00000000 ____D () C:\FRST
2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3)
2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist
2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp
2014-07-31 10:04 - 2014-07-31 10:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 13:00 - 2014-08-22 14:52 - 00021409 _____ () C:\Users\Manni\Desktop\FRST.txt
2014-08-26 12:59 - 2014-08-22 13:30 - 00000000 ____D () C:\FRST
2014-08-26 12:55 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-26 12:55 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-26 12:51 - 2011-06-14 09:07 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A8B97CD3-7C97-48E7-8FFF-7B2BF938225D}
2014-08-26 12:51 - 2010-03-18 02:27 - 01881690 _____ () C:\Windows\WindowsUpdate.log
2014-08-26 12:49 - 2014-08-25 09:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-26 12:49 - 2009-07-14 06:51 - 01007763 _____ () C:\Windows\setupact.log
2014-08-26 12:48 - 2014-06-11 19:11 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-26 12:47 - 2011-02-15 18:33 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-26 12:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-26 12:44 - 2011-02-15 18:33 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-26 12:43 - 2012-05-31 18:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-26 12:42 - 2014-08-26 12:42 - 00401920 _____ (Farbar) C:\Users\Manni\Desktop\MiniToolBox.exe
2014-08-26 12:42 - 2014-08-26 12:42 - 00000591 _____ () C:\Users\Manni\Desktop\Result.txt
2014-08-26 07:58 - 2011-08-28 16:09 - 01040896 ___SH () C:\Users\Manni\Desktop\Thumbs.db
2014-08-25 16:04 - 2014-08-25 16:04 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-25 16:02 - 2014-08-25 16:02 - 02347384 _____ (ESET) C:\Users\Manni\Desktop\esetsmartinstaller_deu.exe
2014-08-25 15:57 - 2011-11-08 14:11 - 00000000 ____D () C:\Users\Manni\AppData\Local\CrashDumps
2014-08-25 13:54 - 2014-08-22 14:56 - 00038041 _____ () C:\Users\Manni\Desktop\Addition.txt
2014-08-25 13:47 - 2014-08-25 13:40 - 00051532 _____ () C:\Users\Manni\Desktop\SystemLook.txt
2014-08-25 13:39 - 2014-08-25 13:39 - 00165376 _____ () C:\Users\Manni\Desktop\SystemLook_x64.exe
2014-08-25 13:36 - 2010-03-18 02:29 - 02149528 _____ () C:\Windows\PFRO.log
2014-08-25 11:38 - 2014-08-25 11:38 - 00001747 _____ () C:\Users\Manni\Desktop\JRT.txt
2014-08-25 11:00 - 2014-08-25 11:00 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 10:59 - 2014-08-25 10:58 - 01016261 _____ (Thisisu) C:\Users\Manni\Desktop\JRT.exe
2014-08-25 10:49 - 2014-08-25 10:49 - 00003495 _____ () C:\Users\Manni\Desktop\mbam.txt
2014-08-25 10:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2014-08-25 09:45 - 2014-08-25 09:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-25 09:45 - 2014-08-25 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-25 09:43 - 2014-08-25 09:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manni\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-25 09:38 - 2014-08-25 09:38 - 00039901 _____ () C:\Users\Manni\Desktop\AdwCleaner[S0].txt
2014-08-25 09:34 - 2014-08-25 09:28 - 00000000 ____D () C:\AdwCleaner
2014-08-25 09:34 - 2013-11-29 19:43 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-25 09:34 - 2010-11-02 13:55 - 00000995 _____ () C:\Users\Manni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-25 09:34 - 2010-11-02 13:50 - 00000000 ____D () C:\Users\Manni
2014-08-25 09:27 - 2014-08-25 09:26 - 01364531 _____ () C:\Users\Manni\Desktop\adwcleaner_3.308.exe
2014-08-23 11:32 - 2014-08-23 11:32 - 00029498 _____ () C:\ComboFix.txt
2014-08-23 11:32 - 2014-08-22 18:22 - 00000000 ____D () C:\Qoobox
2014-08-23 11:32 - 2014-04-23 08:56 - 00000000 ____D () C:\Users\dub_cm_auto
2014-08-23 11:29 - 2014-08-22 18:20 - 00000000 ____D () C:\Windows\erdnt
2014-08-23 11:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-23 11:23 - 2009-07-14 04:34 - 91750400 _____ () C:\Windows\system32\config\software.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 17301504 _____ () C:\Windows\system32\config\system.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-08-23 11:23 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-08-22 18:14 - 2014-08-22 18:15 - 05572006 ____R (Swearware) C:\Users\Manni\Desktop\ComboFix.exe
2014-08-22 18:14 - 2014-08-22 18:13 - 05572006 _____ (Swearware) C:\Users\Manni\Downloads\ComboFix.exe
2014-08-22 15:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-22 15:22 - 2009-11-14 18:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-22 15:13 - 2013-08-14 18:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-22 15:08 - 2010-11-02 14:53 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-22 15:00 - 2014-05-06 22:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-22 14:48 - 2014-08-22 14:45 - 00043266 _____ () C:\Users\Manni\Downloads\FRST.txt
2014-08-22 14:45 - 2014-08-22 14:45 - 02101760 _____ (Farbar) C:\Users\Manni\Desktop\FRST64.exe
2014-08-22 13:56 - 2011-11-01 15:32 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-22 13:56 - 2010-12-08 16:29 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-22 13:32 - 2014-08-22 13:32 - 00001264 _____ () C:\Users\Manni\Desktop\Revo Uninstaller.lnk
2014-08-22 13:32 - 2014-08-22 13:32 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-22 12:39 - 2014-07-14 16:05 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-08-22 12:39 - 2014-03-31 17:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-08-22 12:39 - 2014-01-21 13:02 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-08-22 12:39 - 2013-10-21 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-22 12:39 - 2011-06-08 14:39 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-08-22 12:39 - 2010-03-18 02:43 - 00000000 ____D () C:\ProgramData\Norton
2014-08-22 12:39 - 2009-11-15 02:15 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-08-22 12:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-22 12:38 - 2014-07-08 20:15 - 00000000 ____D () C:\Program Files (x86)\F978377C-B7D4-4536-8E10-14CA97B13394
2014-08-22 12:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-22 12:31 - 2013-07-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-18 15:47 - 2012-06-17 14:17 - 00000000 ____D () C:\Users\Manni\Sigrid_Rezepte
2014-08-15 15:32 - 2010-11-03 15:21 - 00000000 ____D () C:\Users\Manni\Kegeln
2014-08-10 08:46 - 2013-10-21 17:34 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-09 20:11 - 2014-08-09 20:11 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(3)
2014-08-09 20:09 - 2014-08-09 20:09 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(2)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist(1)
2014-08-09 20:05 - 2014-08-09 20:05 - 02448384 _____ () C:\Users\Manni\Downloads\meingeist
2014-08-07 04:06 - 2014-08-22 13:39 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-22 13:39 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 19:09 - 2010-11-13 15:30 - 00000000 ____D () C:\Users\Manni\FZ
2014-08-05 11:30 - 2014-05-30 17:01 - 00000000 ____D () C:\temp
2014-08-01 12:39 - 2013-11-29 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 01:41 - 2014-08-22 13:44 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-22 13:44 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 17:36 - 2014-07-31 17:36 - 00274424 _____ () C:\Windows\Minidump\073114-42744-01.dmp
2014-07-31 17:36 - 2011-06-16 16:24 - 00000000 ____D () C:\Windows\Minidump
2014-07-31 17:36 - 2011-06-16 16:23 - 315134067 _____ () C:\Windows\MEMORY.DMP
2014-07-31 16:44 - 2013-12-29 09:58 - 00000000 ____D () C:\ProgramData\Easybits Magic Desktop for HP
2014-07-31 10:06 - 2014-07-31 10:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 09:52 - 2014-07-23 10:52 - 00000000 ____D () C:\Users\Manni\Desktop\Arbeitssicherheit

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-02-25 16:11

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2014
Ran by Manni at 2014-08-26 13:02:11
Running from C:\Users\Manni\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 Online (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
1400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
1400_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD USB Filter Driver (HKLM-x32\...\{5271C0D4-24E4-4C3D-A782-C012033FD3CF}) (Version: 1.0.10.84 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0804.2223.38385 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0804.2223.38385 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help English (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help French (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help German (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0804.2222.38385 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0804.2223.38385 - ATI) Hidden
Cinema-Plus-1.2 (HKLM-x32\...\Cinema-Plus-1.2) (Version: 1.34.7.1 - Cinema Plus)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2111 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3325 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 4.1.3325 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1005 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.1.1005 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2130 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2130 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2201 - CyberLink Corp.) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.2 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.7.0 - )
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardcopy (C:\Program Files (x86)\Hardcopy) (HKLM-x32\...\Hardcopy(C__Program Files (x86)_Hardcopy)) (Version: 2011.02.12 - www.hardcopy.de)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Java(TM) 6 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416015FF}) (Version: 6.0.150 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2111 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2111 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8107.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2}) (Version: 7.0.43.11502 - muvee Technologies Pte Ltd)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3311 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2202 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
T-Home Dialerschutz-Software (HKLM-x32\...\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}) (Version:  - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

10-08-2014 06:42:14 Installed Java 7 Update 67
10-08-2014 10:13:07 Removed Java(TM) SE Development Kit 6 Update 15 (64-bit)
14-08-2014 20:31:17 Windows Update
22-08-2014 10:06:54 Wiederherstellungsvorgang
22-08-2014 11:42:31 Revo Uninstaller's restore point - Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:44:55 Removed Internet Explorer Toolbar 4.9 by SweetPacks
22-08-2014 11:55:33 Revo Uninstaller's restore point - Search Protect
22-08-2014 11:59:40 Revo Uninstaller's restore point - video MediaPlay-Air
22-08-2014 12:26:18 Revo Uninstaller's restore point - GMX Desktop Icons
22-08-2014 12:39:18 Revo Uninstaller's restore point - GMX MailCheck für Internet Explorer
22-08-2014 12:41:38 Revo Uninstaller's restore point - GMX Softwareaktualisierung
22-08-2014 12:59:57 Windows Update
23-08-2014 09:00:01 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-23 11:25 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00A2143C-288B-4611-88E8-4AEFCC12549C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {0315E158-5D1B-4C24-B7BD-CB737D944E07} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {2C7B34C0-9642-4F1C-8B21-47A364A0CCEB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {2E48DDAE-834D-414C-A0B4-6E966EB1878E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {5A63283D-215D-4428-8543-0BAD7DED2AE6} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5EEC57B0-4161-4A0B-83CD-0774565ED408} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {86F52852-72F6-442B-B69F-2582D219A477} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {97BAAC2D-ABB2-4594-A3D0-641A86D3AF81} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A04C623C-5D83-4B46-B3A5-AFF3211AB742} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15] (Google Inc.)
Task: {C7E4A8C7-0A49-40DB-B0B0-76F7B7E14CC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {DE7CAB67-59AD-4664-8A09-62E328D2C103} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-01-23 12:23 - 2010-04-21 10:59 - 00058880 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_x64.dll
2011-03-01 13:37 - 2008-12-02 14:21 - 00041984 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_ex.exe
2009-11-14 19:25 - 2009-07-06 21:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2009-10-02 16:46 - 2009-10-02 16:46 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-03-18 02:25 - 2010-03-18 02:25 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2011-01-23 12:23 - 2010-04-21 11:00 - 00058368 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_30_Win32.dll
2011-03-01 13:37 - 2011-02-04 09:35 - 00815616 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2011-03-01 13:37 - 2010-09-30 10:14 - 00055296 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_03.dll
2014-07-31 10:05 - 2014-07-31 10:05 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-09 09:13 - 2014-07-09 09:13 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/26/2014 00:48:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 00:48:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 00:48:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 00:43:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 00:43:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 00:43:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 07:10:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 07:10:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/26/2014 07:10:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/25/2014 04:07:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (08/26/2014 00:48:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BHDrvx64
SRTSP

Error: (08/26/2014 00:47:44 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (08/26/2014 00:47:38 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (08/26/2014 00:47:24 PM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.

Error: (08/26/2014 07:53:09 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (08/26/2014 07:07:12 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BHDrvx64
SRTSP

Error: (08/26/2014 07:06:51 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (08/26/2014 07:06:39 AM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.

Error: (08/25/2014 03:59:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BHDrvx64
SRTSP

Error: (08/25/2014 03:58:53 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter


Microsoft Office Sessions:
=========================
Error: (07/29/2014 10:26:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 116 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/29/2014 10:25:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 253 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/08/2014 00:06:50 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/29/2013 05:42:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 14026 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/13/2012 00:34:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1107 seconds with 240 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-08-26 12:59:31.094
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-26 08:35:55.020
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-26 07:53:34.700
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-25 15:54:33.867
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-25 13:50:08.875
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-25 12:05:34.042
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-23 11:20:55.401
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-23 11:20:54.652
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-22 14:52:21.161
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-22 14:39:16.298
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II Dual-Core M320
Percentage of memory in use: 64%
Total physical RAM: 1788.2 MB
Available physical RAM: 641.97 MB
Total Pagefile: 3576.4 MB
Available Pagefile: 1701.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:219.13 GB) (Free:142.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.46 GB) (Free:2.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 041DF713)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=219.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

26.08.2014, 11:38	#12
M-K-D-B /// TB-Ausbilder	"bat=exe" Fehlermeldungen bei Windows 7 Start Servus, das Tool hier ausführen und danach gleich ESET nochmal versuchen... Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool Setze einen Haken bei folgenden Einträgen Flush DNS Reset IE Proxy Settings Reset FF Proxy Settings Klicke Go und poste den Inhalt der Result.txt.

26.08.2014, 11:48	#14
M-K-D-B /// TB-Ausbilder	"bat=exe" Fehlermeldungen bei Windows 7 Start Servus, FRST nochmal zur Kontrolle bitte: Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan. FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt). Poste mir beide Logdateien mit deiner nächsten Antwort.

"bat=exe" Fehlermeldungen bei Windows 7 Start

Plagegeister aller Art und deren Bekämpfung: "bat=exe" Fehlermeldungen bei Windows 7 Start