google chrome öffnet werbetabs - immer zwei stück

cosinus · 15.01.2015, 12:28

Sagmal lieber dnastone, möchtest du oder kannst du die o.g. Tools nicht ausführen?

Bitte auch das letzte MBAM Log posten

dnastone · 16.01.2015, 09:07

einmal das log file von adwcleaner

Code:

ATTFilter

# AdwCleaner v4.107 - Bericht erstellt am 16/01/2015 um 08:33:47
# Aktualisiert 07/01/2015 von Xplode
# Database : 2015-01-13.2 [Live]
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits)
# Benutzername : mp - DNN
# Gestartet von : C:\Users\mp\Desktop\adwcleaner_4.107.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0 (x86 de)


-\\ Google Chrome v


*************************

AdwCleaner[R5].txt - [914 octets] - [10/12/2014 09:04:04]
AdwCleaner[R6].txt - [899 octets] - [14/01/2015 13:43:11]
AdwCleaner[R7].txt - [966 octets] - [15/01/2015 08:38:00]
AdwCleaner[R8].txt - [1107 octets] - [15/01/2015 09:37:27]
AdwCleaner[R9].txt - [888 octets] - [16/01/2015 08:33:47]
AdwCleaner[S3].txt - [974 octets] - [10/12/2014 09:34:06]
AdwCleaner[S4].txt - [1169 octets] - [15/01/2015 09:40:44]

########## EOF - C:\AdwCleaner\AdwCleaner[R9].txt - [1066 octets] ##########

und das log file von JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Enterprise x64
Ran by mp on 16.01.2015 at  8:37:55,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711}



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\DriverMaxWelcome.job
Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\CloudBerry Explorer for Amazon S3



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.01.2015 at  8:44:09,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

die Log Files FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by mp (administrator) on DNN on 16-01-2015 08:59:23
Running from C:\Users\mp\Desktop
Loaded Profiles: mp & ReportServer & MSSQLFDLauncher & MSSQLSERVER (Available profiles: mp & ipad & ReportServer & MSSQLFDLauncher & MSSQLSERVER & Classic .NET AppPool & doco & dnn6 & DefaultAppPool & dnn7 & ASP.NET v4.0)
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Thisisu) C:\Users\mp\Desktop\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [162520 2014-06-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2816336 2012-03-14] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-10] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1133584 2014-11-28] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-23] (Microsoft Corporation)
IFEO\Acrobat.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\acrodist.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\adobe air application installer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\drivermax.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\formdesigner.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\illustrator.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skyfonts.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\teamviewer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-4146716275-3925582995-2816791695-1000] => localhost:8080
HKU\S-1-5-21-4146716275-3925582995-2816791695-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://startpage.com/deu/
HKU\S-1-5-21-4146716275-3925582995-2816791695-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4146716275-3925582995-2816791695-1000 -> {6B4D45B7-0E4A-4AA7-8C8F-696BB66D887E} URL = hxxp://startpage.com/do/search?query={searchTerms}&nossl=1&cat=web&pl=ie&language=deutsch
SearchScopes: HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4146716275-3925582995-2816791695-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\3gax4uzk.default
FF SelectedSearchEngine: Startpage HTTPS - Deutsch
FF Homepage: https://startpage.com/deu/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7B%20var%20lhost%2C%20localIpAddresses%2C%20localDomains%2C%20ipNotation%2C%20i%3B%20function%20isPlainHostNameEx()%20%7B%20return%20!(!!~lhost.indexOf('.')%20%7C%7C%20!!~lhost.indexOf('%3A'))%3B%20%7D%20lhost%20%3D%20host.toLowerCase()%3B%20ipNotation%20%3D%20%2F%5E%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%24%2Fg%3B%20localIpAddresses%20%3D%20%5B'127.0.0.1'%2C'10.*.*.*'%2C'172.1%5B6-9%5D.*.*'%2C'172.2%5B1-9%5D.*.*'%2C'172.3%5B0-1%5D.*.*'%2C'192.168.*.*'%5D%3B%20localDomains%20%3D%20%5B'zeus.pm'%2C'zenguard.biz'%2C'local'%2C'dev'%2C'ip'%2C'box'%2C'lvh.me'%2C'ripe'%2C'invalid'%2C'intra'%2C'intranet'%2C'onion'%2C'vcap.me'%2C'127.0.0.1.xip.io'%2C'smackaho.st'%2C'localtest.me'%2C'site'%5D%3B%20if%20(isPlainHostNameEx())%20%7B%20return%20'DIRECT'%3B%20%7D%20if%20(ipNotation.test(lhost))%20%7B%20for%20(i%20%3D%200%3B%20i%20%3C%20localIpAddresses.length%3B%20i%2B%2B)%20%7B%20if%20(shExpMatch(lhost%2C%20localIpAddresses%5Bi%5D))%20%7B%20return%20'DIRECT'%3B%20%7D%20%7D%20%7D%20for%20(i%20%3D%200%3B%20i%20%3C%20localDomains.length%3B%20i%2B%2B)%20%7B%20if%20(dnsDomainIs(lhost%2C%20localDomains%5Bi%5D))%20%7B%20return%20'DIRECT'%3B%20%7D%20%7D%20return%20'PROXY%20127.0.0.1%3A58045'%3B%20%7D%20%2F*ZenMate*%2F"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-4146716275-3925582995-2816791695-1000: @citrixonline.com/appdetectorplugin -> C:\Users\mp\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-4146716275-3925582995-2816791695-1000: @tools.google.com/Google Update;version=3 -> C:\Users\mp\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4146716275-3925582995-2816791695-1000: @tools.google.com/Google Update;version=9 -> C:\Users\mp\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4146716275-3925582995-2816791695-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\mp\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\3gax4uzk.default\searchplugins\startpage-https---deutsch.xml
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\3gax4uzk.default\Extensions\donottrackplus@abine.com [2014-11-24]
FF Extension: Live HTTP Headers - C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\3gax4uzk.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2014-06-17]
FF Extension: Adblock Plus - C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\3gax4uzk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-23]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-07-31]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-02-04]
FF HKU\S-1-5-21-4146716275-3925582995-2816791695-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-04-07]

Chrome: 
=======
CHR HomePage: Profile 1 -> https://www.startpage.com/deu/
CHR StartupUrls: Profile 1 -> "https://www.startpage.com/deu/"
CHR DefaultSearchKeyword: Profile 1 -> startpage.com
CHR DefaultSearchURL: Profile 1 -> https://startpage.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=deutsch
CHR DefaultSuggestURL: Profile 1 -> https://startpage.com/cgi-bin/csuggest?output=json&pl=chrome&lang=deutsch&query={searchTerms}
CHR Profile: C:\Users\mp\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Silverlight for Chrome) - C:\Users\mp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\abblgjadmiiofjfapckdfdbblhkpomao [2014-11-23]
CHR Extension: (Google Drive) - C:\Users\mp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\mp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\mp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-17]
CHR Extension: (Adblock Plus) - C:\Users\mp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-15]
CHR Extension: (Google-Suche) - C:\Users\mp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-17]
CHR Extension: (ZenMate) - C:\Users\mp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-10-04]
CHR Extension: (Disconnect) - C:\Users\mp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-10-02]
CHR Extension: (Google Wallet) - C:\Users\mp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-17]
CHR Extension: (Google Mail) - C:\Users\mp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-26] (Avast Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [858640 2014-11-28] (AVG Technologies CZ, s.r.o.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10571056 2014-07-09] (DisplayLink Corp.)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-13] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-02-06] (Intel Corporation)
R3 MSSQLFDLauncher; c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50368 2014-05-15] (Microsoft Corporation)
R2 MSSQLSERVER; c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [194240 2014-05-15] (Microsoft Corporation)
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2454720 2014-05-15] (Microsoft Corporation)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [239616 2012-07-20] (Samsung Electronics Co., Ltd.) [File not signed]
S4 SkyFontsService; C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe [35120 2014-05-30] (Monotype Inc.)
S4 SQLSERVERAGENT; c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2014-05-15] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604856 2014-11-24] (AVG Technologies)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21600 2013-03-14] (Advanced Micro Devices, Inc.)
S3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
S3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-26] ()
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.6.56275.0.sys [46384 2014-07-10] ()
R3 dlcdcncm; C:\Windows\System32\DRIVERS\dlcdcncm62_x64.sys [82224 2014-07-09] (DisplayLink Corp.)
R3 dlusbaudio; C:\Windows\System32\DRIVERS\dlusbaudio_x64.sys [206128 2014-07-09] (DisplayLink Corp.)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-02-07] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-05-14] (Intel Corporation)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [9113816 2014-06-20] (Realtek Semiconductor Corp.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-11-24] (TuneUp Software)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-26] (Avast Software)
S3 XHCIdrv; C:\Windows\System32\DRIVERS\XHCIdrv.sys [119720 2013-10-24] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 btmaudio; system32\drivers\btmaud.sys [X]
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_6.3.40660.0.sys [X]
S3 dlcdcncm6_x64; system32\DRIVERS\dlcdcncm6_x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 08:59 - 2015-01-16 08:59 - 00028933 _____ () C:\Users\mp\Desktop\FRST.txt
2015-01-16 08:58 - 2015-01-16 08:59 - 02125312 _____ (Farbar) C:\Users\mp\Desktop\FRST64.exe
2015-01-16 08:58 - 2015-01-16 08:58 - 00000280 _____ () C:\Windows\system32\2015-01-16-07-58-44.001-aswFe.exe-5072.log
2015-01-16 08:44 - 2015-01-16 08:44 - 00001420 _____ () C:\Users\mp\Desktop\JRT.txt
2015-01-16 08:37 - 2015-01-16 08:37 - 00000000 ____D () C:\Windows\ERUNT
2015-01-16 08:33 - 2015-01-16 08:32 - 01707939 _____ (Thisisu) C:\Users\mp\Desktop\JRT.exe
2015-01-16 08:08 - 2015-01-16 08:09 - 00000197 _____ () C:\Windows\system32\2015-01-16-07-08-52.065-AvastVBoxSVC.exe-4640.log
2015-01-15 11:45 - 2015-01-15 11:45 - 00000197 _____ () C:\Windows\system32\2015-01-15-10-45-45.043-AvastVBoxSVC.exe-6308.log
2015-01-15 10:51 - 2015-01-15 10:51 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2015-01-15 09:44 - 2015-01-15 09:44 - 00000197 _____ () C:\Windows\system32\2015-01-15-08-44-08.085-AvastVBoxSVC.exe-6148.log
2015-01-15 09:43 - 2015-01-15 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-15 09:43 - 2015-01-15 09:43 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-15 09:43 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-15 09:43 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-15 08:51 - 2015-01-15 08:51 - 00000000 _____ () C:\autoexec.bat
2015-01-15 08:29 - 2015-01-15 08:29 - 06388000 _____ (Tim Kosse) C:\Users\mp\Downloads\FileZilla_3.10.0.1_win32-setup.exe
2015-01-15 08:25 - 2015-01-15 08:25 - 00000197 _____ () C:\Windows\system32\2015-01-15-07-25-49.072-AvastVBoxSVC.exe-4608.log
2015-01-14 21:09 - 2015-01-14 21:10 - 00000197 _____ () C:\Windows\system32\2015-01-14-20-09-26.093-AvastVBoxSVC.exe-6336.log
2015-01-14 15:51 - 2015-01-15 09:43 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-14 15:51 - 2015-01-14 15:59 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-14 15:48 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-14 10:17 - 2015-01-14 10:17 - 00000197 _____ () C:\Windows\system32\2015-01-14-09-17-33.009-AvastVBoxSVC.exe-4688.log
2015-01-14 10:15 - 2015-01-14 10:15 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-14 08:27 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 08:27 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 08:27 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 08:27 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 08:27 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 08:27 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 08:27 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 08:27 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 08:27 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 08:27 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 08:27 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 08:27 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 08:27 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 08:24 - 2015-01-14 08:24 - 00000197 _____ () C:\Windows\system32\2015-01-14-07-24-13.001-AvastVBoxSVC.exe-4576.log
2015-01-13 21:02 - 2015-01-13 21:02 - 00000197 _____ () C:\Windows\system32\2015-01-13-20-02-19.092-AvastVBoxSVC.exe-4300.log
2015-01-13 14:10 - 2015-01-13 14:10 - 00000000 ____D () C:\Program Files (x86)\MSECache
2015-01-13 09:29 - 2015-01-16 08:08 - 00000482 _____ () C:\Windows\setupact.log
2015-01-13 08:59 - 2015-01-13 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KingBill 2015
2015-01-13 08:42 - 2015-01-13 08:43 - 00000197 _____ () C:\Windows\system32\2015-01-13-07-42-24.000-AvastVBoxSVC.exe-4404.log
2015-01-12 16:27 - 2015-01-12 16:28 - 00008750 _____ () C:\Users\mp\Desktop\Tscheppe_Stunden_SServer.xlsx
2015-01-12 10:58 - 2015-01-12 11:34 - 00002378 _____ () C:\Users\mp\Desktop\Tscheppe NEU.rdp
2015-01-12 08:09 - 2015-01-12 08:09 - 00000197 _____ () C:\Windows\system32\2015-01-12-07-09-30.066-AvastVBoxSVC.exe-4512.log
2015-01-11 21:33 - 2015-01-11 21:33 - 00000197 _____ () C:\Windows\system32\2015-01-11-20-33-20.032-AvastVBoxSVC.exe-4408.log
2015-01-11 19:40 - 2015-01-11 19:41 - 00000197 _____ () C:\Windows\system32\2015-01-11-18-40-37.000-AvastVBoxSVC.exe-6640.log
2015-01-09 08:50 - 2015-01-09 08:51 - 00000197 _____ () C:\Windows\system32\2015-01-09-07-50-40.035-AvastVBoxSVC.exe-5008.log
2015-01-08 09:15 - 2015-01-08 09:15 - 00000197 _____ () C:\Windows\system32\2015-01-08-08-15-51.018-AvastVBoxSVC.exe-5580.log
2015-01-08 08:07 - 2015-01-08 08:08 - 00000197 _____ () C:\Windows\system32\2015-01-08-07-07-36.084-AvastVBoxSVC.exe-6152.log
2015-01-07 16:18 - 2015-01-13 09:29 - 00000708 _____ () C:\Windows\LkmdfCoInst.log
2015-01-07 07:55 - 2015-01-07 07:56 - 00000197 _____ () C:\Windows\system32\2015-01-07-06-55-37.063-AvastVBoxSVC.exe-6388.log
2015-01-05 09:21 - 2015-01-05 09:21 - 00000197 _____ () C:\Windows\system32\2015-01-05-08-21-03.029-AvastVBoxSVC.exe-6788.log
2015-01-03 10:56 - 2015-01-03 10:56 - 00000197 _____ () C:\Windows\system32\2015-01-03-09-56-33.075-AvastVBoxSVC.exe-5204.log
2015-01-03 10:17 - 2015-01-03 10:17 - 00000197 _____ () C:\Windows\system32\2015-01-03-09-17-21.008-AvastVBoxSVC.exe-5748.log
2015-01-02 15:42 - 2015-01-02 15:42 - 00000197 _____ () C:\Windows\system32\2015-01-02-14-42-31.029-AvastVBoxSVC.exe-6496.log
2014-12-30 20:34 - 2014-12-30 20:34 - 00000197 _____ () C:\Windows\system32\2014-12-30-19-34-37.092-AvastVBoxSVC.exe-4640.log
2014-12-30 19:35 - 2014-12-30 19:36 - 00000197 _____ () C:\Windows\system32\2014-12-30-18-35-58.073-AvastVBoxSVC.exe-5036.log
2014-12-24 21:08 - 2014-12-24 21:08 - 00000197 _____ () C:\Windows\system32\2014-12-24-20-08-21.051-AvastVBoxSVC.exe-5164.log
2014-12-23 22:40 - 2014-12-23 22:40 - 00000197 _____ () C:\Windows\system32\2014-12-23-21-40-04.061-AvastVBoxSVC.exe-6652.log
2014-12-23 11:21 - 2014-12-23 11:21 - 00000197 _____ () C:\Windows\system32\2014-12-23-10-21-08.011-AvastVBoxSVC.exe-4656.log
2014-12-23 08:44 - 2014-12-23 08:44 - 00000197 _____ () C:\Windows\system32\2014-12-23-07-44-43.059-AvastVBoxSVC.exe-4320.log
2014-12-22 20:01 - 2014-12-22 20:02 - 00000197 _____ () C:\Windows\system32\2014-12-22-19-01-35.069-AvastVBoxSVC.exe-4892.log
2014-12-19 08:26 - 2014-12-19 08:26 - 00000197 _____ () C:\Windows\system32\2014-12-19-07-26-24.066-AvastVBoxSVC.exe-4800.log
2014-12-18 13:56 - 2014-12-18 13:56 - 00000280 _____ () C:\Windows\system32\2014-12-18-12-56-20.021-aswFe.exe-9712.log
2014-12-18 13:55 - 2014-12-18 13:56 - 00000280 _____ () C:\Windows\system32\2014-12-18-12-55-48.045-aswFe.exe-9760.log
2014-12-18 08:40 - 2014-12-18 08:41 - 00000197 _____ () C:\Windows\system32\2014-12-18-07-40-29.004-AvastVBoxSVC.exe-6204.log
2014-12-18 08:32 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 08:32 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 15:22 - 2014-12-17 15:22 - 00000197 _____ () C:\Windows\system32\2014-12-17-14-22-09.068-AvastVBoxSVC.exe-6080.log
2014-12-17 15:15 - 2014-12-17 15:15 - 00000280 _____ () C:\Windows\system32\2014-12-17-14-15-12.013-aswFe.exe-1608.log
2014-12-17 09:25 - 2014-12-17 09:25 - 00000247 _____ () C:\Windows\system32\2014-12-17-08-25-19.028-aswFe.exe-7528.log
2014-12-17 09:22 - 2014-12-17 09:25 - 00000247 _____ () C:\Windows\system32\2014-12-17-08-22-40.037-aswFe.exe-8276.log
2014-12-17 09:22 - 2014-12-17 09:22 - 00000197 _____ () C:\Windows\system32\2014-12-17-08-22-38.038-AvastVBoxSVC.exe-7832.log
2014-12-17 09:17 - 2014-12-17 09:17 - 00000197 _____ () C:\Windows\system32\2014-12-17-08-17-06.084-AvastVBoxSVC.exe-4512.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 08:59 - 2014-11-25 14:14 - 00000000 ____D () C:\FRST
2015-01-16 08:50 - 2014-03-05 09:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-16 08:44 - 2013-09-23 08:23 - 02023032 _____ () C:\Windows\WindowsUpdate.log
2015-01-16 08:35 - 2014-12-10 09:03 - 00000000 ____D () C:\AdwCleaner
2015-01-16 08:26 - 2013-09-23 14:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-16 08:18 - 2014-06-13 07:21 - 00000000 ____D () C:\Users\mp\AppData\Local\Adobe
2015-01-16 08:16 - 2009-07-14 05:45 - 00020768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-16 08:16 - 2009-07-14 05:45 - 00020768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-16 08:12 - 2009-07-14 11:49 - 00900710 _____ () C:\Windows\system32\perfh007.dat
2015-01-16 08:12 - 2009-07-14 11:49 - 00216854 _____ () C:\Windows\system32\perfc007.dat
2015-01-16 08:12 - 2009-07-14 06:13 - 02125076 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-16 08:11 - 2014-09-02 10:27 - 00003304 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2015-01-16 08:10 - 2014-03-05 09:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 08:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 11:43 - 2014-12-11 14:11 - 00058398 _____ () C:\Windows\PFRO.log
2015-01-15 11:43 - 2014-01-16 10:15 - 00000000 ____D () C:\Users\MSSQLFDLauncher
2015-01-15 11:37 - 2013-09-24 14:32 - 00000000 ____D () C:\Users\mp\AppData\Roaming\FileZilla
2015-01-15 09:54 - 2013-09-26 16:49 - 00000000 ____D () C:\Users\dnn7
2015-01-15 09:38 - 2013-09-24 15:22 - 00000000 ____D () C:\Users\mp\AppData\Roaming\Skype
2015-01-15 09:17 - 2013-09-24 09:29 - 00000000 ____D () C:\Users\mp\Documents\SQL Server Management Studio
2015-01-15 09:03 - 2013-09-26 11:01 - 00005090 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for dnn-mp dnn
2015-01-15 08:51 - 2013-09-23 08:23 - 00000000 ____D () C:\Users\mp
2015-01-15 08:29 - 2014-02-18 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-15 08:29 - 2013-09-24 14:32 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-01-14 21:09 - 2013-09-23 08:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-14 15:51 - 2014-11-25 14:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-14 15:12 - 2013-10-09 09:54 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-01-14 11:26 - 2013-09-23 14:44 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 11:26 - 2013-09-23 14:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-14 11:26 - 2013-09-23 14:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 11:06 - 2014-02-11 17:28 - 00013129 _____ () C:\Users\mp\Desktop\centron.xlsx
2015-01-14 10:14 - 2013-09-23 10:36 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 10:07 - 2013-09-23 10:36 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 09:49 - 2014-02-04 18:40 - 00001456 _____ () C:\Users\mp\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-01-13 16:45 - 2014-08-11 10:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-13 16:45 - 2013-09-24 15:22 - 00000000 ____D () C:\ProgramData\Skype
2015-01-13 14:11 - 2013-09-23 10:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-13 09:29 - 2013-10-03 12:40 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-01-13 08:58 - 2013-09-23 15:39 - 00000000 ____D () C:\KingBill GmbH
2015-01-12 14:28 - 2014-05-12 13:41 - 00000000 ____D () C:\Program Files (x86)\aevosys ERP-System
2015-01-09 10:31 - 2013-09-24 07:25 - 00003696 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2015-01-09 09:47 - 2013-09-24 12:45 - 00000000 ____D () C:\Users\mp\Documents\Visual Studio 2012
2015-01-08 09:06 - 2013-09-23 15:01 - 02099228 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-07 09:26 - 2014-09-16 08:18 - 00000000 ____D () C:\Program Files (x86)\MP3Gain
2015-01-06 04:36 - 2013-09-23 09:50 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-19 11:50 - 2013-11-07 10:56 - 00000000 ____D () C:\Users\mp\AppData\Roaming\SuperMailer
2014-12-19 11:32 - 2014-11-18 17:00 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-12-19 11:32 - 2013-09-26 10:38 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-12-17 09:16 - 2014-12-11 13:54 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-17 09:16 - 2014-12-11 13:44 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-12-17 09:15 - 2014-11-28 11:15 - 00000000 ____D () C:\Users\mp\AppData\Roaming\Opera Software
2014-12-17 09:15 - 2014-11-28 11:15 - 00000000 ____D () C:\Users\mp\AppData\Local\Opera Software
2014-12-17 09:15 - 2014-11-28 11:14 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-17 08:59 - 2013-09-24 12:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-17 08:36 - 2014-09-04 08:46 - 00000298 _____ () C:\Windows\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c.job
2014-12-17 08:36 - 2013-10-02 08:45 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4146716275-3925582995-2816791695-1000UA.job
2014-12-17 08:36 - 2013-10-02 08:45 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4146716275-3925582995-2816791695-1000Core.job
2014-12-17 08:36 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\mp\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\mp\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 13:09

==================== End Of Log ============================

--- --- ---

und

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by mp at 2015-01-16 08:59:52
Running from C:\Users\mp\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
"Nero SoundTrax Help (x32 Version: 4.0.15.0 - Nero AG) Hidden
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{E407C8D7-09C6-4056-BFAD-68C5FD8340F0}) (Version: 1.3 - Eyeo GmbH)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
aevosys Enterprise Resource Planning (64 Bit) (HKLM-x32\...\{9ABC7777-28E8-408B-B8BB-1E589E211D17}) (Version: 4.0.0 - aevosys Enterprise Resource Planning)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-4146716275-3925582995-2816791695-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.2.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Artisteer 4 (HKLM-x32\...\Artisteer 4) (Version: 4.3 - Extensoft)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.0.445 - AVG Technologies)
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.238 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.238 - AVG Technologies) Hidden
AVG Zen (Version: 1.0.445 - AVG Technologies) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
calibre (HKLM-x32\...\{E25A469A-2E07-40F5-8B9E-C13B1358A431}) (Version: 1.16.0 - Kovid Goyal)
calibre 64bit (HKLM\...\{D7EF00CB-86CC-4522-8F53-017468622BE5}) (Version: 1.24.0 - Kovid Goyal)
Citrix Online Launcher (HKLM-x32\...\{C1D35D06-E60A-4834-9B52-F1F3E65D03C9}) (Version: 1.0.239 - Citrix)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
CloudBerry S3 Explorer PRO 4.0 (HKLM\...\CloudBerry S3 Explorer PRO) (Version: 4.0 - CloudBerryLab)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Crystal Reports 9 (HKLM-x32\...\{27BD8D1A-D2E5-4AE5-AA0E-7E1DA6A627E3}) (Version: 9.2.0.4485 - Crystal Decisions, Inc.)
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
DisplayLink Core Software (HKLM\...\{C2FE0D6B-1304-4E02-ACEE-C96E9F4AEECA}) (Version: 7.6.56275.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{0DEBFBC1-2B7E-4C3F-85E4-313ABF27E9FD}) (Version: 7.6.56443.0 - DisplayLink Corp.)
Documents To Go Desktop für iOS (HKLM-x32\...\DTGDesktop) (Version: 5.0000.013 - DataViz, Inc.)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.43.0.671 - Innovative Solutions)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ETDWare PS/2-X64 10.7.13.1_WHQL (HKLM\...\Elantech) (Version: 10.7.13.1 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Fast Flash Sleep Resume (x32 Version: 1.0.20 - Samsung) Hidden
FileZilla Client 3.10.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0.1 - Tim Kosse)
FMW 1 (Version: 1.0.307 - AVG Technologies) Hidden
Free YouTube to MP3 Converter version 3.12.42.716 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.42.716 - DVDVideoSoft Ltd.)
Google Chrome (HKU\S-1-5-21-4146716275-3925582995-2816791695-1000\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.28.01 - Hyperionics Technology LLC)
IETester v0.5.2 (remove only) (HKLM-x32\...\IETester) (Version: 0.5.2 - Core Services)
ifolor Designer (HKLM-x32\...\ifolor-Designer) (Version: 3.2.10.0 - Ifolor AG)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1021 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
KingBill 2013 (HKLM-x32\...\{E8CF2815-113F-4C53-BFCD-C59960CCBF0D}) (Version: 8.1.6 - KingBill GmbH)
KingBill 2015 (HKLM-x32\...\{86AC1B83-8E26-4C05-8F37-67E9B8646FBB}) (Version: 10.1.0 - KingBill GmbH)
K-Lite Codec Pack 10.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{F2C6E9F1-8F35-42A0-A9CA-E6C94D92A86C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{C92556F2-4950-48CF-ABA3-F0026B05BCE8}) (Version: 8.05.1054 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-Bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{95CA4B5E-8EC5-40ED-83B3-5A7E566B8F38}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{0EEF1230-BAEE-4F7D-A772-4C266D400115}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{27630D03-A9F9-4320-850F-5F6DDB6EE206}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{137EE986-3C4A-4F64-B6BA-30A7E4BBBEEB}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{90E8C2E5-198C-4923-BC06-AF13E5FA964D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012-Richtlinien  (HKLM-x32\...\{1D4E365F-F39C-48BA-A995-CAEDFDA29AD1}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012-Setup (Deutsch) (HKLM\...\{0536940E-59A4-4C44-90DE-708E74E023E6}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{18558FE7-A87A-4063-9732-95E9E1420828}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - DEU (HKLM-x32\...\{B28DC16A-5394-3761-B143-450AE92516BB}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für das Web - DEU (HKLM-x32\...\{95e4a066-55df-43be-8e69-d9dde915896a}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{3ea69e8e-ae6e-445b-bc1d-809ecb789ec4}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 - DEU Language Pack (HKLM-x32\...\{38F74A0E-357B-336C-B614-FE59F4BC62A0}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 - DEU Language Pack (HKLM-x32\...\{96D7B7B6-424F-3A52-8E8D-32CF2615DBD2}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2012 (HKLM\...\{7647B46D-D4E6-43A5-AC9D-0BAA28C63271}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{11A90C1E-54A3-4164-90D4-BA1A1835E66D}) (Version: 11.2.5058.0 - Microsoft Corporation)
Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 34.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 de)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2014 (HKLM-x32\...\{A7C3B17E-C632-47D0-945F-2F40D3696DE3}) (Version: 15.0.09400 - Nero AG)
Nero 2014 Content Pack (HKLM-x32\...\{204A26F0-01B8-4656-8607-5CCEDE820BC2}) (Version: 15.0.00200 - Nero AG)
Nero 9 (HKLM-x32\...\{55bd8e24-ea57-45c7-92b0-b24cc93f8bbd}) (Version:  - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.0 - pdfforge)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10274 - Realtek Semiconductor Corp.)
S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.04.06 (07.08.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.74.00(06.11.2012) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.06.32 (17.07.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.20.02 - Samsung Electronics Co., Ltd.) Hidden
Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.16 (25.02.2013) - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2817430) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 für SQL Server 2012 (KB2958429) (64-bit) (HKLM\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SkyFonts™ (HKLM\...\{FF120142-9831-434A-8545-64868F254878}) (Version: 4.4.0.0 - Monotype Inc.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SnagIt 6 (HKLM-x32\...\SnagIt6) (Version: 6.1 - TechSmith Corporation)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SoundTrax (x32 Version: 4.0.18.0 - Nero AG) Hidden
SQL Server 2012 BI Development Studio (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2012 (HKLM-x32\...\{1A4C9497-7D4B-466D-8D3A-FE0D925386DC}) (Version: 11.2.5058.0 - Microsoft Corporation)
SuperMailer 8.00 (HKLM\...\Newsletter Software SuperMailer (x64)_is1) (Version: 8.00 - Mirko Boeer Softwareentwicklungen)
SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Tresorit (HKLM-x32\...\{DA1BE088-B77D-4A56-843C-A683A71A6DF7}) (Version: 2.0.277.217 - Tresorit)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4146716275-3925582995-2816791695-1000_Classes\CLSID\{2F45F3DA-A983-39BD-B93C-6D98298215AD}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4146716275-3925582995-2816791695-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4146716275-3925582995-2816791695-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\mp\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4146716275-3925582995-2816791695-1000_Classes\CLSID\{D3F2C3B9-3581-3C43-ABDF-1F0B23304885}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4146716275-3925582995-2816791695-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mp\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================

14-01-2015 10:07:24 Windows Update
15-01-2015 09:34:20 Removed PDF Architect
15-01-2015 10:07:09 Windows Update
15-01-2015 10:51:03 Installed Adblock Plus for IE (32-bit and 64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-15 09:22 - 00001148 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1		dnndev.me
127.0.0.1		dnndev1.me
127.0.0.1		dnndev2.me
127.0.0.1		wsj24.local
127.0.0.1		pod.local
127.0.0.1		heurigenkalender.me
127.0.0.1		local.cocoonsports.com
158.181.48.100 		reeltracks.at www.reeltracks.at


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00868669-0993-4A18-9893-E3C5C71A17A0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {01B179A8-F09F-47D4-B6E1-C65787E984A2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {022BDDBE-236A-48E7-8EE8-D9A3B5EBD5A1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {076115BB-01F4-44E0-AE86-9BE75DA69C2A} - System32\Tasks\AdobeAAMUpdater-1.0-dnn-mp => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {0997F94A-6125-4FEC-A618-572B66C38001} - System32\Tasks\Google Updater and Installer => C:\Users\mp\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-02] (Google Inc.)
Task: {0C5BE8AB-FB5A-4286-8D3A-28D0D90E77BD} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-10] (Samsung Electronics CO., LTD.)
Task: {0DCC2178-71F8-41EF-A6A2-53AD78C1366F} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-11-24] (AVG Technologies)
Task: {104310D5-B27C-43AE-8A34-99D9A5B34836} - System32\Tasks\Microsoft Office 15 Sync Maintenance for dnn-mp dnn => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation)
Task: {14A7BA28-E547-4E64-B82D-EB8AD7C9A1E5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {33BACD50-53F2-4026-A97E-40E8B7C302D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-05] (Google Inc.)
Task: {3C57568E-2229-40BA-9F55-0AC2F64C3517} - System32\Tasks\{467A85F6-6734-4F4B-B527-B43028E3D836} => pcalua.exe -a C:\Users\mp\Desktop\chromeinstall-8u25.exe -d C:\Users\mp\Desktop
Task: {4D29D1F3-6739-45E6-ABB6-D6AE67AE1B22} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
Task: {506181B7-D720-4E44-B3DA-61C847A9B634} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-05] (Google Inc.)
Task: {50B4E392-F74D-4AD6-B557-CCE1322C5C66} - System32\Tasks\FFSRConfigurer => C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe [2012-03-30] (Samsung)
Task: {5C117C2D-68F1-468C-BE90-96C2491C3140} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6CFA834A-9B5A-4900-A7C7-144E2A0D2484} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {764A930B-6426-41BA-837C-2F9A7CABC483} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [2014-10-17] (Innovative Solutions)
Task: {8310F31E-14C7-4C9A-A658-B37FC59DB279} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {8A496715-FBED-478A-B488-038E3C09728F} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-02-06] (Intel)
Task: {AC9F2FF8-3D8A-4468-AE39-F64E41A2D3E6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4146716275-3925582995-2816791695-1000Core => C:\Users\mp\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-02] (Google Inc.)
Task: {B01502FE-86D4-4895-812E-5D340B169DEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {BB8366DC-5F2A-4C31-8DFC-AA7411935A96} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-26] (AVAST Software)
Task: {BCC4CA6A-1C27-4817-95C1-F50477DCF3E5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {C50AB2E7-776C-4ADC-BB62-EE029C61FB86} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {D42D95D9-2E98-49C9-937C-C12806F3C235} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {EBAD8360-EEC7-4089-91E6-36483ACBD9E9} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {F28B5D69-87D0-4EF1-84DA-99FA8F73DBE6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {F45179ED-D7B8-4B5C-839C-2E3C529AC5FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4146716275-3925582995-2816791695-1000UA => C:\Users\mp\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-02] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c.job => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4146716275-3925582995-2816791695-1000Core.job => C:\Users\mp\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4146716275-3925582995-2816791695-1000UA.job => C:\Users\mp\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-09 09:51 - 2011-05-02 05:40 - 00034304 _____ () C:\Windows\System32\ssm1mlm.dll
2014-11-24 12:48 - 2014-11-24 12:48 - 00713528 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2014-11-26 09:05 - 2014-11-26 09:05 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-26 09:05 - 2014-11-26 09:05 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-11-24 12:49 - 2014-11-24 12:49 - 00856888 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2012-12-14 01:42 - 2012-12-14 01:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-01-15 09:36 - 2015-01-15 09:36 - 02910720 _____ () C:\Program Files\AVAST Software\Avast\defs\15011500\algo.dll
2014-11-26 09:05 - 2014-11-26 09:05 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-01-16 08:08 - 2015-01-16 08:08 - 02910720 _____ () C:\Program Files\AVAST Software\Avast\defs\15011502\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-26 09:05 - 2014-11-26 09:05 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-11 13:45 - 2014-12-11 13:45 - 31842816 _____ () C:\Program Files (x86)\AVG\Framework\Common\libcef.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4146716275-3925582995-2816791695-500 - Administrator - Disabled)
Gast (S-1-5-21-4146716275-3925582995-2816791695-501 - Limited - Disabled)
ipad (S-1-5-21-4146716275-3925582995-2816791695-1043 - Administrator - Enabled) => C:\Users\ipad
mp (S-1-5-21-4146716275-3925582995-2816791695-1000 - Administrator - Enabled) => C:\Users\mp

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-07-31 15:27:03.384
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\btmhsf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-31 15:27:03.165
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\btmhsf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-31 15:25:58.873
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\btmhsf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-31 15:25:58.717
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\btmhsf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 25%
Total physical RAM: 11989.54 MB
Available physical RAM: 8981.13 MB
Total Pagefile: 23977.25 MB
Available Pagefile: 20744.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:68.95 GB) NTFS
Drive d: (Daten) (Fixed) (Total:13.36 GB) (Free:3.58 GB) NTFS
Drive m: () (Network) (Total:1829.34 GB) (Free:1078.97 GB) 
Drive n: () (Network) (Total:1829.34 GB) (Free:1078.97 GB) 
Drive o: () (Network) (Total:1829.34 GB) (Free:1078.97 GB) 
Drive p: () (Network) (Total:1829.34 GB) (Free:1078.97 GB) 
Drive q: () (Network) (Total:1829.34 GB) (Free:1078.97 GB) 

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 825C7FEE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=13.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9 GB) - (Type=84)

==================== End Of Log ============================

cosinus · 16.01.2015, 09:48

Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

dnastone · 16.01.2015, 11:26

einmal der log von malware

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 16.01.2015
Suchlauf-Zeit: 11:08:31
Logdatei: 
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.16.04
Rootkit Datenbank: v2015.01.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: mp

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 825294
Verstrichene Zeit: 11 Min, 14 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

und der log vom EST

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c46ad36bc5e1ba479f9299807cc0880a
# engine=21995
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-16 09:52:28
# local_time=2015-01-16 10:52:28 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 400357 185822438 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 9571 173031798 0 0
# scanned=461386
# found=0
# cleaned=0
# scan_time=2600

cosinus · 16.01.2015, 11:31

Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) empfehle ich die Erweiterung Ghostery, diese verhindert weitgehend Usertracking bzw. das Anzeigen von Werbebannern.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

dnastone · 16.01.2015, 11:48

die zwei werbefenster öffnen sich immer noch

cosinus · 16.01.2015, 12:09

Erstell dir mal ein neues Profil und teste:

Firefox => http://support.mozilla.com/de/kb/Profile%20verwalten
Chrome => https://support.google.com/chrome/answer/3296214?hl=de

15.01.2015, 12:28	#16
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	google chrome öffnet werbetabs - immer zwei stück Sagmal lieber dnastone, möchtest du oder kannst du die o.g. Tools nicht ausführen? Bitte auch das letzte MBAM Log posten __________________ Logfiles bitte immer in CODE-Tags posten

16.01.2015, 12:09	#22
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	google chrome öffnet werbetabs - immer zwei stück Erstell dir mal ein neues Profil und teste: Firefox => http://support.mozilla.com/de/kb/Profile%20verwalten Chrome => https://support.google.com/chrome/answer/3296214?hl=de __________________ Logfiles bitte immer in CODE-Tags posten

google chrome öffnet werbetabs - immer zwei stück

Log-Analyse und Auswertung: google chrome öffnet werbetabs - immer zwei stück