Hallo,

ich habe Spyhunter 4 installiert. Möchte ich das ganze jetzt deinstallieren, bekomme ich einen Link zum Kauf der Software aber die Deinstallation läuft nicht weiter.
Betriebssystem ist Win 8

Solltet Ihr noch mehr Info`s benötigen, gebe ich die gerne weiter.

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

So, habe die Anwendung laufen lassen.

Folgende Logs sind dabei herausgekommen

Und noch einmal


FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2014
Ran by Ina (administrator) on CARSTEN-LAP on 10-12-2014 15:22:49
Running from C:\Users\Ina\Downloads
Loaded Profile: Ina (Available profiles: Carsten & Ina & Gast)
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(REINER SCT) C:\WINDOWS\SysWOW64\cjpcsc.exe
() C:\Users\Ina\AppData\Roaming\NetController\netcontrollerservice.exe
(Microsoft Corporation) C:\WINDOWS\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosBrowserMonitor.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\passwordmanagercom.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\fredirstarter.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\Users\Ina\AppData\Roaming\NetController\netcontroller.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\WINDOWS\System32\mspaint.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosHotKeyService.exe [100864 2014-08-04] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS15 Chrome Autofill Relay] => C:\Program Files (x86)\Steganos Privacy Suite 15\passwordmanagercom.exe [480120 2014-08-04] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS15 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 15\fredirstarter.exe [17920 2014-08-04] (Steganos Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\...\Run: [SSS15 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosBrowserMonitor.exe [73216 2014-08-04] (Steganos Software GmbH)
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\...\Run: [Raptr] => C:\PROGRA~2\Raptr\raptrstub.exe --startup
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\WINDOWS\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\WINDOWS\System32\schtasks.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1414086852&from=cor&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1414086852&from=cor&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1414086852&from=cor&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1414086852&from=cor&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1414086852&from=cor&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
SearchScopes: HKU\S-1-5-21-2832616108-679565341-4177513334-1003 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2832616108-679565341-4177513334-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 15\SPMIEToolbar64.dll (Steganos Software GmbH)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 15\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2832616108-679565341-4177513334-1003 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Ina\AppData\Roaming\Mozilla\Firefox\Profiles\i67hlt1o.default-1418204789442
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3 [2014-10-18]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn [2014-12-10]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-29]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-10-30]
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Ina\AppData\Roaming\Mozilla\Firefox\Profiles\gpe4ya0u.default\extensions\detgdp@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.delta-homes.com/?type=sc&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-19]
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Ina\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-19]
CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Ina\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [518192 2014-01-27] (REINER SCT)
R2 NetControllerService; C:\Users\Ina\AppData\Roaming\NetController\netcontrollerservice.exe [187168 2014-10-16] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-12-10] (Enigma Software Group USA, LLC.)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485888 2014-12-10] (Fuyu LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-12-19] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20141203.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
S3 BioNTDrv; C:\Program Files\Paragon Software\Backup and Recovery 2014 Free\program\BioNTDrv.SYS [18696 2014-05-19] (Paragon Software Group)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-08-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-08-26] (Symantec Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-12-10] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-12-10] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20141209.001\IDSvia64.sys [637656 2014-11-18] (Symantec Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141209.004\ENG64.SYS [129752 2014-12-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141209.004\EX64.SYS [2137304 2014-12-05] (Symantec Corporation)
R1 ncdevice; C:\Windows\system32\DRIVERS\ncdevice.sys [41248 2014-05-22] (NT Kernel Resources)
R1 SLEE_18_DRIVER; C:\WINDOWS\Sleen1864.sys [109144 2014-07-29] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SRTSP; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-10-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 15:22 - 2014-12-10 15:22 - 02119680 _____ (Farbar) C:\Users\Ina\Downloads\frst64.exe
2014-12-10 15:22 - 2014-12-10 15:22 - 00023030 _____ () C:\Users\Ina\Downloads\FRST.txt
2014-12-10 15:22 - 2014-12-10 15:22 - 00000000 ____D () C:\FRST
2014-12-10 13:21 - 2014-12-10 13:31 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-10 13:20 - 2014-12-10 13:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ina\Downloads\revosetup95.exe
2014-12-10 13:05 - 2014-12-10 13:05 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-12-10 13:02 - 2014-12-10 13:02 - 05049344 _____ (Crawler.com ) C:\Users\Ina\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-12-10 13:00 - 2014-12-10 13:00 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\Ina\Downloads\avira_de_av___ws.exe
2014-12-10 11:00 - 2014-12-10 11:00 - 00003324 _____ () C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2014-12-10 11:00 - 2014-12-10 11:00 - 00001089 _____ () C:\Users\Ina\Desktop\SpyHunter.lnk
2014-12-10 11:00 - 2014-12-10 11:00 - 00000000 ____D () C:\Users\Ina\AppData\Roaming\Enigma Software Group
2014-12-10 11:00 - 2014-12-10 11:00 - 00000000 ____D () C:\sh4ldr
2014-12-10 11:00 - 2014-12-10 11:00 - 00000000 _____ () C:\autoexec.bat
2014-12-10 10:59 - 2014-12-10 10:59 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Ina\Downloads\SpyHunter-Installer.exe
2014-12-10 10:59 - 2014-12-10 10:59 - 00022704 _____ () C:\WINDOWS\system32\Drivers\EsgScanner.sys
2014-12-10 10:59 - 2014-12-10 10:59 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-12-10 10:58 - 2014-12-10 10:58 - 00707664 _____ (iS3, Inc.) C:\Users\Ina\Downloads\SZSetup_AID10121_AV.exe
2014-12-10 10:37 - 2014-12-10 10:57 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-12-10 10:37 - 2014-12-10 10:37 - 00000000 ____D () C:\Users\Ina\AppData\Roaming\WinZipper
2014-12-09 19:43 - 2014-12-09 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-04 18:27 - 2014-12-04 18:27 - 00002142 _____ () C:\Users\Ina\AppData\Local\recently-used.xbel
2014-12-02 09:36 - 2014-12-02 10:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-11-30 18:41 - 2014-11-30 18:41 - 00000000 ____D () C:\Users\Ina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2014-11-30 18:40 - 2014-11-30 18:41 - 00000000 ____D () C:\ProgramData\RavensburgerTipToi
2014-11-30 18:40 - 2014-11-30 18:40 - 00000000 ____D () C:\Users\Ina\AppData\Roaming\RavensburgerTipToi
2014-11-29 21:47 - 2014-11-29 21:47 - 00000000 ____D () C:\ProgramData\newbackup
2014-11-29 21:46 - 2014-11-29 21:46 - 00000000 ____D () C:\ProgramData\launcher
2014-11-29 01:21 - 2014-11-29 01:21 - 00002373 _____ () C:\Users\Public\Desktop\Paragon Backup and Recovery™ 2014 Free.lnk
2014-11-29 01:21 - 2014-11-29 01:21 - 00002205 _____ () C:\Users\Public\Desktop\Paragon Recovery Media Builder™.lnk
2014-11-29 01:21 - 2014-11-29 01:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Backup and Recovery™ 2014 Free
2014-11-29 01:21 - 2014-11-29 01:21 - 00000000 ____D () C:\Program Files\Paragon Software
2014-11-29 01:20 - 2014-11-29 01:20 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Downloaded Installations
2014-11-29 01:19 - 2014-11-29 01:19 - 00000000 ____D () C:\ProgramData\explauncher
2014-11-26 10:56 - 2014-11-19 08:29 - 00582552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AutoUpdate.exe
2014-11-26 10:56 - 2014-11-19 08:29 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2014-11-24 10:29 - 2014-11-24 10:29 - 00008077 _____ () C:\Users\Ina\Downloads\Konto_2291037-Auszug_2014_015_mt940.txt
2014-11-24 07:59 - 2014-11-24 07:59 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2014-11-24 07:49 - 2014-11-24 07:49 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\ATI
2014-11-24 07:49 - 2014-11-24 07:49 - 00000000 ____D () C:\Users\Gast\AppData\Local\SRS Labs
2014-11-24 07:49 - 2014-11-24 07:49 - 00000000 ____D () C:\Users\Gast\AppData\Local\ATI
2014-11-24 07:48 - 2014-11-24 07:59 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Samsung
2014-11-24 07:48 - 2014-11-24 07:59 - 00000000 ____D () C:\Users\Gast\AppData\Local\Adobe
2014-11-24 07:48 - 2014-11-24 07:49 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Steganos
2014-11-24 07:48 - 2014-11-24 07:48 - 00005718 _____ () C:\Users\Gast\Desktop\Entfernte Anwendungen.html
2014-11-24 07:48 - 2014-11-24 07:48 - 00002249 _____ () C:\Users\Gast\Desktop\Google Chrome.lnk
2014-11-24 07:48 - 2014-11-24 07:48 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2014-11-24 07:48 - 2014-11-24 07:48 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Logitech
2014-11-24 07:48 - 2014-11-24 07:48 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2014-11-24 07:48 - 2014-11-24 07:48 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-11-23 21:19 - 2014-10-11 08:44 - 19764736 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-23 21:19 - 2014-10-11 06:57 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-23 21:19 - 2014-10-09 04:59 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-11-23 21:19 - 2014-10-09 04:59 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-11-23 21:19 - 2014-10-09 04:58 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-11-23 21:19 - 2014-09-26 07:30 - 01484288 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-11-23 21:19 - 2014-09-22 06:38 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-11-23 21:19 - 2014-09-22 04:56 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-11-23 21:19 - 2014-09-18 00:24 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2014-11-23 21:19 - 2014-09-18 00:24 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2014-11-23 21:19 - 2014-09-18 00:24 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm.dll
2014-11-23 21:19 - 2014-09-18 00:24 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adrclient.dll
2014-11-23 21:19 - 2014-09-17 23:57 - 01346560 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2014-11-23 21:19 - 2014-09-17 23:57 - 00652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2014-11-23 21:19 - 2014-09-17 23:57 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm.dll
2014-11-23 21:19 - 2014-09-17 23:57 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\adrclient.dll
2014-11-23 21:02 - 2014-11-05 07:40 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-11-23 21:02 - 2014-11-05 07:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-11-23 21:02 - 2014-11-05 04:16 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-11-23 21:02 - 2014-10-18 09:44 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-23 21:02 - 2014-10-18 08:05 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-23 21:02 - 2014-10-11 08:45 - 10115072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-23 21:02 - 2014-10-11 08:44 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-23 21:02 - 2014-10-11 08:44 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-23 21:02 - 2014-10-11 08:44 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-23 21:02 - 2014-10-11 08:43 - 02307072 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-23 21:02 - 2014-10-11 06:58 - 08858624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-23 21:02 - 2014-10-11 06:57 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-23 21:02 - 2014-10-11 06:57 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-23 21:02 - 2014-10-11 06:56 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-23 21:02 - 2014-10-11 06:41 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-23 21:02 - 2014-10-11 06:41 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-23 21:02 - 2014-10-11 06:05 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-23 21:02 - 2014-10-11 06:04 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-23 21:02 - 2014-10-03 02:21 - 00522728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-23 21:02 - 2014-10-02 23:29 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-23 21:02 - 2014-10-02 23:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-23 21:02 - 2014-10-02 23:29 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-23 21:02 - 2014-10-02 00:05 - 04068864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-23 21:02 - 2014-09-22 06:53 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-23 21:02 - 2014-09-13 07:24 - 02233152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-23 21:02 - 2014-09-06 01:46 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-23 21:02 - 2014-09-03 03:48 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-11-23 21:02 - 2014-09-03 03:22 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-11-23 21:02 - 2014-08-29 05:17 - 02043392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-23 21:02 - 2014-08-29 05:17 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2014-11-23 21:02 - 2014-08-29 05:04 - 02837504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-23 21:02 - 2014-08-29 05:04 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-11-23 21:02 - 2014-08-28 07:04 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2014-11-23 21:02 - 2014-08-28 07:04 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-23 21:02 - 2014-08-28 06:59 - 00616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-23 21:02 - 2014-08-28 06:59 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-23 21:02 - 2014-08-28 06:59 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSTIFF.dll
2014-11-23 21:02 - 2014-08-28 06:59 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXST30.dll
2014-11-23 21:02 - 2014-08-26 23:08 - 00270024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-23 21:02 - 2014-07-24 14:12 - 00328512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-11-23 21:01 - 2014-11-08 12:22 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-23 21:01 - 2014-11-08 12:21 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-23 21:01 - 2014-11-08 07:57 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-23 21:01 - 2014-11-08 07:56 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-23 21:01 - 2014-10-26 02:56 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-23 21:01 - 2014-10-26 02:56 - 01409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-23 21:01 - 2014-10-26 02:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-11-23 21:01 - 2014-10-26 02:56 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-11-23 21:01 - 2014-10-26 02:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-23 21:01 - 2014-10-26 02:55 - 19284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-23 21:01 - 2014-10-26 02:55 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-23 21:01 - 2014-10-26 02:55 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-23 21:01 - 2014-10-26 02:55 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 15399424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-23 21:01 - 2014-10-26 02:53 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-23 21:01 - 2014-10-26 01:36 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 13758464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-23 21:01 - 2014-10-26 01:34 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-23 21:01 - 2014-10-26 01:19 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-11-23 21:01 - 2014-10-26 01:13 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-11-23 21:01 - 2014-10-25 22:48 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-11-23 21:01 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-23 21:01 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-23 21:01 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-23 21:01 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-11-23 21:01 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-23 21:01 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-11-23 21:01 - 2014-09-25 00:29 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-23 21:01 - 2014-09-25 00:29 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-23 21:01 - 2014-09-25 00:01 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-23 21:01 - 2014-09-25 00:01 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-23 21:01 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-23 21:01 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-22 14:00 - 2014-11-22 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REINER SCT cyberJack
2014-11-22 14:00 - 2014-01-27 17:08 - 00518192 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjpcsc.exe
2014-11-22 14:00 - 2013-05-17 14:17 - 00227672 _____ (Reiner Kartengeräte GmbH & Co.KG 1999-2012) C:\WINDOWS\SysWOW64\cjeca32.dll
2014-11-22 14:00 - 2012-10-19 15:42 - 00787576 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjpcsc32.dll
2014-11-22 14:00 - 2010-02-10 19:39 - 00269824 _____ (REINER SCT) C:\WINDOWS\SysWOW64\rsct_pnp.dll
2014-11-22 14:00 - 2007-05-31 07:38 - 00167936 _____ () C:\WINDOWS\SysWOW64\SerialXP.dll
2014-11-21 21:14 - 2014-11-26 12:31 - 00000000 ____D () C:\ProgramData\tmp
2014-11-21 21:14 - 2014-11-21 21:14 - 00000000 ____D () C:\ProgramData\hps
2014-11-21 21:13 - 2014-11-21 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnlineFotoservice
2014-11-21 21:09 - 2014-11-21 21:09 - 00000000 ____D () C:\Program Files\OnlineFotoservice
2014-11-21 21:08 - 2014-11-21 21:09 - 01627528 _____ () C:\Users\Ina\Downloads\setup_OnlineFotoservice.exe
2014-11-21 20:03 - 2014-11-21 21:05 - 00000000 ____D () C:\Users\Ina\Desktop\Kalender
2014-11-19 20:44 - 2014-11-19 20:44 - 00309248 _____ (Microsoft Corporation) C:\Users\Ina\Downloads\wmpfirefoxplugin.exe
2014-11-18 23:25 - 2014-11-18 23:25 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\XMedia Recode
2014-11-18 23:23 - 2014-11-18 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-11-18 23:23 - 2014-11-18 23:23 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-11-16 21:27 - 2014-11-16 21:27 - 00002249 _____ () C:\Users\Carsten\Desktop\Google Chrome.lnk
2014-11-16 21:27 - 2014-11-16 21:27 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Google
2014-11-16 20:24 - 2014-11-16 20:24 - 00000000 ____D () C:\Users\Ina\AppData\Local\Microsoft Help
2014-11-13 13:24 - 2014-11-22 14:00 - 00001137 _____ () C:\Users\Public\Desktop\cyberJack Gerätemanager,  Funktionstest.lnk
2014-11-13 13:24 - 2014-11-22 14:00 - 00000000 ____D () C:\Program Files (x86)\REINER SCT
2014-11-13 13:24 - 2012-09-04 17:58 - 00058442 _____ () C:\WINDOWS\SysWOW64\cjbc_en.lan
2014-11-13 13:24 - 2012-02-22 15:48 - 00063069 _____ () C:\WINDOWS\SysWOW64\cjbc_de.lan
2014-11-13 13:24 - 2012-02-19 19:32 - 00713648 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjpcscui.exe
2014-11-13 13:24 - 2012-02-14 11:48 - 00432560 _____ (REINER SCT) C:\WINDOWS\SysWOW64\ctrsct64.dll
2014-11-13 13:24 - 2012-02-14 11:48 - 00352688 _____ (REINER SCT) C:\WINDOWS\SysWOW64\ctrsct32.dll
2014-11-13 13:24 - 2012-02-14 11:48 - 00208816 _____ (Reiner Kartengeräte GmbH) C:\WINDOWS\SysWOW64\cjppa32.dll
2014-11-13 13:24 - 2012-02-14 11:48 - 00053680 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjKbBase.dll
2014-11-13 13:24 - 2012-02-14 11:47 - 00063408 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjpcscli.exe
2014-11-13 13:24 - 2011-07-22 07:50 - 00359856 _____ (REINER SCT) C:\WINDOWS\SysWOW64\zkasigct.dll
2014-11-13 13:24 - 2009-11-09 09:48 - 00061952 _____ ( REINER SCT) C:\WINDOWS\SysWOW64\cjtpl.cpl
2014-11-13 13:24 - 2009-03-09 17:17 - 00274224 _____ (REINER SCT) C:\WINDOWS\SysWOW64\gkapi.dll
2014-11-13 13:24 - 2008-03-25 09:24 - 00060702 _____ () C:\WINDOWS\SysWOW64\rsct_pv_start.wav
2014-11-13 13:24 - 2008-03-25 09:24 - 00060702 _____ () C:\WINDOWS\SysWOW64\rsct_mv_start.wav
2014-11-13 13:24 - 2008-03-25 09:24 - 00013084 _____ () C:\WINDOWS\SysWOW64\rsct_key_clear.wav
2014-11-13 13:24 - 2008-03-25 09:24 - 00013026 _____ () C:\WINDOWS\SysWOW64\rsct_key_err.wav
2014-11-13 13:24 - 2008-03-25 09:24 - 00004636 _____ () C:\WINDOWS\SysWOW64\rsct_key_1.wav
2014-11-13 13:24 - 2008-03-25 09:24 - 00000656 _____ () C:\WINDOWS\SysWOW64\rsct_key.wav
2014-11-13 13:24 - 2008-03-19 13:48 - 00033136 _____ () C:\WINDOWS\SysWOW64\rsct_pv_stop.wav
2014-11-13 13:24 - 2008-03-19 13:48 - 00033136 _____ () C:\WINDOWS\SysWOW64\rsct_mv_stop.wav
2014-11-13 13:24 - 2007-11-07 12:20 - 00344064 _____ (REINER SCT) C:\WINDOWS\SysWOW64\SetupHBCI.exe
2014-11-13 13:24 - 2007-11-07 12:20 - 00196608 _____ (REINER SCT) C:\WINDOWS\SysWOW64\rsct_pnp.exe
2014-11-13 13:24 - 2007-05-31 07:38 - 00434252 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCRTD.DLL
2014-11-13 13:24 - 2007-05-31 07:38 - 00151552 _____ (REINER SCT) C:\WINDOWS\SysWOW64\OcfCopy.exe
2014-11-13 13:24 - 2007-05-31 07:38 - 00053248 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjtrm.dll
2014-11-13 13:24 - 2007-05-31 07:38 - 00041472 _____ (IBM Corporation) C:\WINDOWS\SysWOW64\ocfpcsc1.dll
2014-11-13 13:24 - 2007-05-31 07:38 - 00027648 _____ () C:\WINDOWS\SysWOW64\win32com.dll
2014-11-13 13:24 - 2007-05-31 07:38 - 00014949 _____ (franson.biz) C:\WINDOWS\SysWOW64\Drivers\bizVSerialNT.sys
2014-11-13 13:23 - 2014-11-13 13:23 - 11104520 _____ (Macrovision Corporation) C:\Users\Ina\Downloads\bc_6_10_8.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 15:17 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-10 13:42 - 2014-01-20 13:03 - 00909312 ___SH () C:\Users\Ina\Desktop\Thumbs.db
2014-12-10 13:33 - 2012-07-26 11:27 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-10 13:33 - 2012-07-26 11:27 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-10 13:33 - 2012-07-26 08:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-10 13:32 - 2014-10-23 18:54 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-10 13:32 - 2014-10-18 12:46 - 00000000 ____D () C:\Program Files (x86)\Steganos Privacy Suite 15
2014-12-10 13:28 - 2014-11-09 21:52 - 00001144 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-10 13:28 - 2014-10-18 10:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 13:28 - 2014-10-17 23:40 - 00022054 _____ () C:\WINDOWS\PFRO.log
2014-12-10 13:28 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-10 13:28 - 2012-07-26 06:26 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-10 13:04 - 2014-11-09 21:52 - 00001148 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-10 11:00 - 2014-10-17 23:41 - 00000000 ____D () C:\Users\Ina
2014-12-10 10:46 - 2014-08-29 12:09 - 00000000 ____D () C:\Users\Ina\Desktop\Alte Firefox-Daten
2014-12-10 10:44 - 2014-11-09 21:52 - 00000000 ____D () C:\Users\Ina\AppData\Local\Google
2014-12-10 10:37 - 2014-10-23 18:54 - 00000000 ____D () C:\Users\Ina\AppData\Local\CrashDumps
2014-12-10 10:37 - 2014-10-18 10:30 - 00001373 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-10 10:37 - 2014-10-18 10:30 - 00001361 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-10 10:37 - 2014-10-18 09:58 - 00001652 _____ () C:\Users\Ina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-10 08:03 - 2014-10-19 12:31 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-09 23:00 - 2014-10-19 22:25 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\vlc
2014-12-08 20:34 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-12-07 18:53 - 2014-10-21 20:17 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-12-07 11:52 - 2014-10-19 22:26 - 00000000 ____D () C:\Users\Carsten\AppData\Local\CrashDumps
2014-12-07 11:32 - 2014-10-19 21:25 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\UseNeXT
2014-12-04 19:22 - 2014-10-30 21:27 - 00000000 ____D () C:\Users\Ina\.gimp-2.8
2014-11-30 22:40 - 2014-10-17 23:42 - 00000000 ____D () C:\Users\Carsten\AppData\Local\VirtualStore
2014-11-30 21:44 - 2014-10-18 10:03 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2832616108-679565341-4177513334-1003
2014-11-30 18:44 - 2012-07-26 08:21 - 01354469 _____ () C:\WINDOWS\setupact.log
2014-11-30 18:41 - 2014-07-22 15:43 - 00000763 _____ () C:\Users\Ina\Desktop\tiptoi.lnk
2014-11-29 19:32 - 2014-10-17 23:41 - 01440872 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-29 01:23 - 2010-07-06 19:29 - 00000000 ____D () C:\Download
2014-11-28 16:45 - 2014-10-18 00:34 - 00000000 ____D () C:\WINDOWS\Panther
2014-11-28 16:45 - 2014-09-24 16:19 - 00000000 ___HD () C:\$Windows.~BT
2014-11-28 16:44 - 2009-07-29 06:10 - 00000000 __SHD () C:\Recovery
2014-11-28 16:22 - 2009-07-29 07:03 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-11-28 16:21 - 2014-10-17 23:41 - 00095253 _____ () C:\WINDOWS\diagwrn.xml
2014-11-28 16:21 - 2014-10-17 23:41 - 00095253 _____ () C:\WINDOWS\diagerr.xml
2014-11-28 16:21 - 2012-07-26 09:13 - 00003144 _____ () C:\WINDOWS\DtcInstall.log
2014-11-28 16:18 - 2014-10-18 07:38 - 00003133 _____ () C:\WINDOWS\comsetup.log
2014-11-28 16:17 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\Registration
2014-11-28 16:10 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-11-26 11:48 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-26 11:19 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-26 04:42 - 2011-06-11 00:58 - 00773808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100.dll
2014-11-26 04:42 - 2011-06-11 00:58 - 00421040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp100.dll
2014-11-24 07:48 - 2014-10-17 23:41 - 00000000 ____D () C:\Users\Gast
2014-11-23 21:42 - 2014-10-19 22:36 - 00323760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-23 21:41 - 2014-10-18 06:50 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-11-23 21:41 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-23 21:41 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-23 21:41 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-23 21:41 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-23 21:41 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-23 21:29 - 2014-10-19 20:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-23 21:23 - 2014-10-23 18:54 - 00000000 ____D () C:\Program Files (x86)\RCP
2014-11-23 21:22 - 2014-10-18 00:31 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-23 21:20 - 2014-10-18 00:31 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-22 14:00 - 2014-10-22 21:22 - 00019444 _____ () C:\WINDOWS\DPINST.LOG
2014-11-22 14:00 - 2014-10-22 21:22 - 00000396 _____ () C:\WINDOWS\hbcikrnl.ini
2014-11-21 19:22 - 2014-10-19 21:24 - 00000782 _____ () C:\Users\Carsten\Desktop\UseNeXT by Tangysoft.lnk
2014-11-21 19:22 - 2014-10-19 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-11-20 21:56 - 2012-07-26 09:14 - 00713672 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-20 21:56 - 2012-07-26 09:14 - 00106440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-19 22:06 - 2014-10-21 12:15 - 00073624 _____ () C:\Users\Ina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-17 13:49 - 2014-06-09 09:35 - 00336896 ___SH () C:\Users\Ina\Downloads\Thumbs.db
2014-11-14 19:59 - 2014-11-09 21:52 - 00004120 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 19:59 - 2014-11-09 21:52 - 00003884 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 12:33 - 2014-10-30 20:58 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-11-14 12:33 - 2014-10-30 20:58 - 00002212 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-11-14 12:33 - 2014-10-30 20:58 - 00002051 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-11-13 13:24 - 2014-10-22 21:21 - 00000000 ____D () C:\ProgramData\REINER SCT
2014-11-13 13:24 - 2014-10-19 22:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-12 20:43 - 2014-10-18 10:29 - 00000000 ____D () C:\Users\Ina\AppData\Roaming\NetController

Some content of TEMP:
====================
C:\Users\Carsten\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-64-dd-ccc-whql.exe
C:\Users\Carsten\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Carsten\AppData\Local\Temp\ose00000.exe
C:\Users\Carsten\AppData\Local\Temp\raptrpatch.exe
C:\Users\Carsten\AppData\Local\Temp\raptr_stub.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-07 00:56

==================== End Of Log ============================
         

--- --- ---

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2014
Ran by Ina at 2014-12-10 15:23:18
Running from C:\Users\Ina\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0055 - ASUS)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.8 - REINER SCT)
Foxit Reader (HKLM-x32\...\{27E3028E-06C8-4C09-8C3E-07F7F508304E}) (Version: 5.3.1.606 - Foxit Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
NetController (web controller) (HKLM-x32\...\NetController) (Version: 3.0.0.7 - Inquiro SA)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.0.1 - CEWE Stiftung u Co. KGaA)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6037 - Realtek Semiconductor Corp.)
RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version:  - Piranha Bytes)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.32.00(01.04.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.5.0 - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Software (web controller) (HKLM-x32\...\Software) (Version: 3.0.0.7 - Inquiro SA)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.4300 - SRS Labs, Inc.)
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 9.0  (HKLM-x32\...\{B1F8BD2D-0E6A-48D0-9F8F-2C4E71F1F6DE}) (Version: 9.0 - Star Finanz GmbH)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Steganos Privacy Suite 15 (HKLM-x32\...\{704C8372-B1C3-4A76-AA5C-B91021B1DCFA}) (Version: 15.2.4 - Steganos Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WindowsMangerProtect20.0.0.1013 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1013 - WindowsProtect LIMITED) <==== ATTENTION
XMedia Recode Version 3.2.0.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.0.2 - XMedia Recode)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

07-12-2014 11:12:13 Geplanter Prüfpunkt
10-12-2014 12:21:50 Revo Uninstaller's restore point - SpyHunter 4

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02A92145-C484-4F51-AEA6-CC206028D2F6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-23] (Microsoft Corporation)
Task: {25A59AA6-E035-43C4-ADEB-7ECBCD132246} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: {3DCF56C7-5355-4C50-9267-8373AAC6502A} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-12-10] (Enigma Software Group USA, LLC.)
Task: {6B1B1C3C-1FB9-47F7-847C-836A447C0982} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {8337DE87-4C42-4ABC-B324-BD136282428D} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2014-06-06] (IObit)
Task: {8ACF7B49-06C7-41A0-8569-18A81BC40CDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {91A84425-629C-4433-8B78-BA441570F466} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {D28BE9CE-374D-4CE2-943B-06B07521658D} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {E5565731-6903-4B26-B7D5-5935A508A9F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-05 12:19 - 2014-08-05 12:19 - 00034304 _____ () C:\WINDOWS\System32\sst6clm.dll
2014-10-16 09:23 - 2014-10-16 09:23 - 00187168 _____ () C:\Users\Ina\AppData\Roaming\NetController\netcontrollerservice.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-10-16 09:23 - 2014-10-29 07:56 - 00795424 _____ () C:\Users\Ina\AppData\Roaming\NetController\netcontroller.exe
2014-10-21 20:19 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2014-10-18 13:54 - 2014-06-06 12:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2014-10-18 13:54 - 2014-06-06 12:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2014-10-18 13:54 - 2014-06-06 12:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2014-10-18 13:54 - 2014-06-06 12:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2014-12-02 09:36 - 2014-12-02 09:36 - 03339376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-12-02 09:36 - 2014-12-02 09:36 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-12-02 09:36 - 2014-12-02 09:36 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-12-09 19:43 - 2014-12-09 19:43 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2832616108-679565341-4177513334-500 - Administrator - Disabled)
Carsten (S-1-5-21-2832616108-679565341-4177513334-1001 - Administrator - Enabled) => C:\Users\Carsten
Gast (S-1-5-21-2832616108-679565341-4177513334-501 - Limited - Enabled) => C:\Users\Gast
Ina (S-1-5-21-2832616108-679565341-4177513334-1003 - Administrator - Enabled) => C:\Users\Ina

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/10/2014 01:21:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Spyware Terminator Driver Filter.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (12/10/2014 10:37:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 39.0.2171.71, Zeitstempel: 0x547407a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b485c4
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00078c9e
ID des fehlerhaften Prozesses: 0x2378
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/10/2014 10:37:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 39.0.2171.71, Zeitstempel: 0x547407a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b485c4
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00078c9e
ID des fehlerhaften Prozesses: 0x5a4
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/10/2014 10:37:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 39.0.2171.71, Zeitstempel: 0x547407a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b485c4
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00078c9e
ID des fehlerhaften Prozesses: 0x34
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/10/2014 10:37:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5443, Zeitstempel: 0x5475dd5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.5.5443, Zeitstempel: 0x5475d664
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x23e0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (12/07/2014 11:52:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b4864c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000173ec
ID des fehlerhaften Prozesses: 0xa98
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (12/07/2014 11:51:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b4864c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000173ec
ID des fehlerhaften Prozesses: 0x146c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (12/07/2014 11:51:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b4864c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000173ec
ID des fehlerhaften Prozesses: 0x27ec
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (12/07/2014 11:45:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b4864c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000173ec
ID des fehlerhaften Prozesses: 0x918
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (12/07/2014 11:43:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b4864c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000173ec
ID des fehlerhaften Prozesses: 0x2724
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5


System errors:
=============
Error: (12/10/2014 01:49:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/10/2014 01:27:56 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/10/2014 10:59:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "cyberJack PC/SC COM Service " wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/10/2014 10:59:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NetController service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/10/2014 10:59:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WindowsMangerProtect Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/10/2014 10:57:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WinZiper service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/09/2014 11:12:02 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/09/2014 01:19:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/08/2014 11:30:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/08/2014 08:34:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde nicht richtig gestartet.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 38%
Total physical RAM: 3948.55 MB
Available physical RAM: 2418.81 MB
Total Pagefile: 5804.55 MB
Available Pagefile: 3341.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:91.12 GB) (Free:36.84 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:147.34 GB) (Free:16.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: 88E7C5B0)
Partition 1: (Active) - (Size=91.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=147.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

• Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
• Klicke auf Optionen und wähle als Sprache Deutsch.
• Suche im Uninstallerfeld nach den Programmen:
  
  RegClean-Pro
  
  WindowsMangerProtect20.0.0.1013 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1013 - WindowsProtect LIMITED) <==== ATTENTION
  
  SpyHunter
  
  
• Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
• Wähle anschließend den Modus "Moderat" aus.
  
• Reste löschen:
  Klicke auf dann auf und dann auf .

 

Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.