Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: db22.exe wurde von Stinger gefunden aber nicht gelöscht

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 15.01.2015, 20:27   #1
ronark
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



Hallo,

bin neu hier.

Auf meinem Rechner wurde eine Datei db22.exe gefunden und von McAffee als Trojaner eingestuft. Die Datei wurde aber nicht gelöscht. Kann ich die einfach so löschen?
Die Datei liegt in C:\windows\temp\

Ich vermute, dass die Anwendung viele Ressourecen frisst. Außerdem höre ich ab und zu aus den Lautsprechern sowas wie Radio. Nur ganz kurz.

Habe den Thread "Musik wird im Hintergrund abgespielt" gelesen. Bin aber nicht so richtig schlau draus geworden.

Kann mir bitte jemand helfen?

Danke, Ronark

Alt 15.01.2015, 20:28   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 15.01.2015, 20:32   #3
ronark
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



Der Scan mit Stinger läuft noch. Deshalb habe ich noch kein Log-File.

Das ist schon der 2. Lauf mit Stinger. Beim ersten hatte er die db22.exe 2-mal gefunden und eine davon gelöscht.
__________________

Alt 15.01.2015, 20:34   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



Bitte nicht auf Stinger allein rumreiten.
Die Frage war auch, ob andere Scanner was gefunden haben.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 15.01.2015, 20:40   #5
ronark
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



die MS Security Essentials haben nichts gefunden.


Alt 15.01.2015, 20:47   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



Ok. Und weiter? Was ist mit anderen Scannern, kamen welche zum Einsatz?

FRST Logs fehlen auch noch.
__________________
--> db22.exe wurde von Stinger gefunden aber nicht gelöscht

Alt 15.01.2015, 20:55   #7
ronark
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



Der Stinger läuft noch. Hatte ihn vor zweieinhalstunden über das komplette C LW geschickt. Weitere Scanner habe ich nicht.
Jetzt hat Stinger die db22.exe gelöscht. Ich bezweifele aber, dass das reicht. Das File wird vermutlich wieder automatisch aus dem INET nachgeladen.
Muss jetzt erstmal warten bis Stinger durch ist. Hat wohl keinen Zweck parallel FRST zu installieren und dann zu starten.

Alt 15.01.2015, 21:01   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



Stinger hat hier keine Relevanz. Genauso gut kannst du es abbrechen. Spiel bei Analysen und Bereinigen garkeine Rolle das Tool.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 15.01.2015, 21:17   #9
ronark
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



ok. Installiere jetzt FRST und scanne.


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015 01
Ran by RAaM2 (administrator) on RAINER-PC on 15-01-2015 21:10:53
Running from C:\Users\RAaM2\Downloads
Loaded Profiles: RAaM2 (Available profiles: RAaM2 & Sarah & Christa & Gast)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(REINER SCT) C:\Windows\System32\cjpcsc.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\Macrium\Reflect\ReflectService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
() C:\Program Files\002\yewimmxqbs32.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
() C:\Windows\System32\UMonit.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Avid Technology, Inc.) C:\Windows\System32\dgfwcpl.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Google Quick Search Box] => C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [122880 2009-11-27] (Google Inc.)
HKLM\...\Run: [NetFxUpdate_v1.1.4322] => C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [106496 2004-08-10] (Microsoft)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-09-13] (CANON INC.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [UMonit] => C:\Windows\system32\UMonit.exe [200704 2007-06-18] ()
HKLM\...\Run: [BigDog303] => C:\Windows\VM303_STI.EXE [61440 2006-01-24] (Vimicro)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [WD Quick View] => C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Path] => C:\Program Files\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe [1989632 2012-06-08] ()
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2707992 2014-09-03] (Sony Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-27] (Google Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [Google Update] => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [SkyDrive] => C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1565504 2014-12-16] (Samsung)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [KiesPDLR.exe] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-12-16] (Samsung)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\MountPoints2: {46bb24e7-c704-11e2-bb50-4061864d3aa8} - F:\setup_vmb_lite.exe /checkApplicationPresence
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com/
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> DefaultScope {4128802F-8A28-42C8-A441-F464AA11DDFD} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GFRE_deDE355
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {16639E9F-A73B-4829-BF1B-C8E7FA2A33A7} URL = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {17E5117F-F86D-40CA-B89B-2C5B34D78C4B} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearch-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {2BE66F85-635A-44FC-96C2-6CF411D6FAFE} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {4128802F-8A28-42C8-A441-F464AA11DDFD} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GFRE_deDE355
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {7616FC6D-7F42-41D3-8FAA-C4F318003C6D} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {945F02B5-2F33-4B96-8841-835C510EC8C2} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {A8A65AC0-056A-4CEE-9936-3FE3098CF4EA} URL = hxxp://suche.t-online.de/fast-cgi/tsc?q={searchTerms}&sr=searchbar
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {BC87AC6A-4758-4D2A-94EC-84CD4274D282} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {BCB7F24B-F6E1-4BB1-BE9E-BF32BFE7DEA4} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&index=blended&linkCode=ur2&camp=1638&creative=6742&tag=iepluginsearch-21
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {D691082F-E5F2-40CE-8941-3106EBE25670} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {EFDAAA28-5D6C-40C3-80EF-43B71364A10F} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD3FF62E-61A7-48EE-A4A4-97CE7BD1F99D} https://eplace-eu.solvay.com/postauthACC/SodaAgent.CAB
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: @tools.google.com/Google Update;version=3 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: @tools.google.com/Google Update;version=9 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\RAaM2\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default\searchplugins\conduit.xml
FF Extension: vis - C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2013-11-13]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-31]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-01]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-22]
FF HKLM\...\Firefox\Extensions: [ClickPotatoLite@ClickPotatoLite.com] - C:\Program Files\ClickPotatoLite\bin\10.0.628.0\firefox\extensions
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-05-27]
FF HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Profile: C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DER SPIEGEL) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpbllkmchckcndlogpofcepplhndlg [2012-11-16]
CHR Extension: (Quick Sidebar) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd [2014-06-15]
CHR Extension: (Google Drive) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (Google Cast) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-03-20]
CHR Extension: (Adblock Plus) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-01]
CHR Extension: (Kindle Cloud Reader) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnemmpobpfaichgccgcilgncfigplmol [2014-11-11]
CHR Extension: (Google-Suche) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (hxxp://tunein.com/) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dblgfaikinhoidnoieheigjobmlkhcjc [2013-06-30]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-05-27]
CHR Extension: (Google News) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-01-10]
CHR Extension: (Simple Google bookmarks) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobhkcpfdpfhghdmiecokllfjiemfmgm [2012-10-22]
CHR Extension: (Cut the Rope) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2012-12-31]
CHR Extension: (Dropbox) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-04-05]
CHR Extension: (SoundCloud) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2013-04-06]
CHR Extension: (Scratchpad) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjebfhglflhjjjiceimfkgicifkhjlnm [2012-11-16]
CHR Extension: (Super Mario Flash 2 Spiel) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbkkfblonehbjjkdfiejflknbokmame [2013-09-23]
CHR Extension: (Google Play) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2012-12-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-10]
CHR Extension: (Google Maps) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-01-10]
CHR Extension: (OneDrive) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2013-04-03]
CHR Extension: (LocalChromecast Player) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmladpigjlinmngadjgfogblnmddndcp [2014-03-25]
CHR Extension: (Google Wallet) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2012-11-24]
CHR Extension: (TV Movie Fernsehprogramm) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\omigcnbanchckjpihkioagdjjdhkhhdh [2013-10-05]
CHR Extension: (Wetter) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\paafljigflaodeomfbpjcggedcilkoop [2013-01-10]
CHR Extension: (Quick start) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-06-15]
CHR Extension: (Google Mail) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\RAaM2\AppData\Roaming\BabSolution\CR\Delta.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files\RelevantKnowledge\rlcm.crx [Not Found]
CHR HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR StartMenuInternet: Google Chrome - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1155072 2009-02-03] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-04-18] (Teruten) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-03-26] (Nitro PDF Software)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [484888 2014-09-03] (Sony Corporation)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S3 PS3 Media Server; C:\Program Files\PS3 Media Server\win32\service\wrapper.exe [217088 2008-08-17] () [File not signed]
R2 ReflectService; C:\Program Files\Macrium\Reflect\ReflectService.exe [220128 2009-11-12] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2009-07-27] () [File not signed]
S2 SamsungAllShareV2.0; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-01-19] (Samsung Electronics Co., Ltd.)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [File not signed]
S3 SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 Verifies and fixes application compatibility issues; C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [91304 2015-01-12] ()
R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
R2 yewimmxqbs32; C:\Program Files\002\yewimmxqbs32.exe [541696 2014-04-27] () [File not signed]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz) [File not signed]
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [28144 2011-03-29] (REINER SCT)
S3 DIGIFW; C:\Windows\System32\DRIVERS\digifw.sys [167952 2010-10-23] (Avid Technology, Inc.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2013-05-23] (Logitech, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [50704 2009-10-20] (CACE Technologies, Inc.)
S3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1488096 2009-07-30] (NXP Semiconductors Germany GmbH)
S3 PSMounter; C:\Windows\system32\drivers\psmounter.sys [32736 2009-11-12] (Macrium Software)
R0 pssnap; C:\Windows\System32\DRIVERS\pssnap.sys [15328 2008-05-20] (Macrium Software)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-11-02] (Sonic Solutions) [File not signed]
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation                           )
R0 TPkd; C:\Windows\system32\Drivers\TPkd.sys [93304 2010-09-26] (PACE Anti-Piracy, Inc.)
R3 TrdCap; C:\Windows\System32\DRIVERS\TrdCap.sys [1554472 2010-06-09] (Trident Microsystems, Inc.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
S3 ZMGHPAudioSrv; C:\Windows\System32\drivers\zmghpau.sys [38016 2011-02-18] (ZOOM)
S3 ZSMC303; C:\Windows\System32\Drivers\usbVM303.sys [391300 2006-02-23] (Vimicro Corporation)
R0 mfehidk; system32\drivers\mfehidk.sys [X]
S0 mferkdet; system32\drivers\mferkdet.sys [X]
S1 muhilvre; \??\C:\Windows\system32\drivers\muhilvre.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S2 WiseFS; \??\H:\Folders\Software\WFH\Wise Folder Hider\WiseFs32.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 21:10 - 2015-01-15 21:12 - 00036581 _____ () C:\Users\RAaM2\Downloads\FRST.txt
2015-01-15 21:10 - 2015-01-15 21:11 - 00000000 ____D () C:\FRST
2015-01-15 21:08 - 2015-01-15 21:09 - 01116672 _____ (Farbar) C:\Users\RAaM2\Downloads\FRST.exe
2015-01-15 18:11 - 2015-01-15 21:05 - 00001287 _____ () C:\Users\RAaM2\Downloads\Stinger_15012015_181146.html
2015-01-15 18:11 - 2015-01-15 18:11 - 00179600 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe.e39d.deleteme
2015-01-15 17:30 - 2015-01-15 17:57 - 00000865 _____ () C:\Windows\setupact.log
2015-01-15 17:30 - 2015-01-15 17:30 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 16:45 - 2015-01-15 14:05 - 04188536 _____ (Piriform Ltd) C:\Users\RAaM2\Downloads\ccsetup501_slim.exe
2015-01-15 16:43 - 2015-01-15 21:09 - 00000114 ___RH () C:\Users\RAaM2\Downloads\Stinger.opt
2015-01-15 13:32 - 2015-01-15 13:32 - 00014029 _____ () C:\Users\RAaM2\Downloads\hijackthis.log
2015-01-15 13:22 - 2015-01-15 13:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\RAaM2\Downloads\HiJackThis204.exe
2015-01-15 13:13 - 2015-01-15 13:13 - 00000000 ____D () C:\Quarantine
2015-01-15 13:07 - 2015-01-15 16:38 - 00001073 _____ () C:\Users\RAaM2\Downloads\Stinger_15012015_130717.html
2015-01-15 13:06 - 2015-01-15 21:09 - 00000000 ____D () C:\Program Files\stinger
2015-01-15 13:00 - 2015-01-15 13:04 - 11165552 _____ (McAfee Inc) C:\Users\RAaM2\Downloads\stinger32.exe
2015-01-14 17:28 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 17:28 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 17:27 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:27 - 2014-12-11 18:47 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:27 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:26 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 17:17 - 2015-01-14 17:52 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Compatibility Verifier
2015-01-13 20:08 - 2015-01-15 21:07 - 00000112 _____ () C:\ProgramData\W4Gisl.dat
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-13 20:06 - 2015-01-15 17:35 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Compatibility Verifier
2015-01-13 20:06 - 2015-01-15 17:35 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Compatibility Verifier
2015-01-01 18:05 - 2014-10-13 06:57 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-01-01 18:05 - 2014-10-13 06:57 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-12-28 19:40 - 2014-12-28 19:40 - 00001221 _____ () C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TrayIt!.lnk
2014-12-28 19:39 - 2014-12-28 19:39 - 00000000 ____D () C:\Program Files\trayit_4_6_5_5
2014-12-28 19:35 - 2014-12-28 19:35 - 00000000 ____D () C:\Users\RAaM2\Downloads\nw_7668_trayitzip
2014-12-28 19:33 - 2014-12-28 19:33 - 00335253 _____ () C:\Users\RAaM2\Downloads\nw_7668_trayitzip.zip
2014-12-19 15:21 - 2014-12-19 15:21 - 04330507 _____ () C:\Users\RAaM2\Downloads\Tip0000-Download-Paket-Demo.zip
2014-12-18 12:05 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 21:11 - 2014-01-02 12:16 - 00000000 ____D () C:\Program Files\StarMoney 9.0 S-Edition
2015-01-15 20:56 - 2009-11-27 21:31 - 01072621 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 20:35 - 2013-10-04 16:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 20:33 - 2010-02-15 22:55 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 20:15 - 2011-07-22 21:58 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000UA.job
2015-01-15 18:06 - 2009-07-14 05:34 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 18:06 - 2009-07-14 05:34 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 17:32 - 2013-04-05 19:39 - 00000000 ___RD () C:\Users\RAaM2\Dropbox
2015-01-15 17:32 - 2013-04-05 19:34 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Dropbox
2015-01-15 17:32 - 2013-04-03 15:10 - 00000000 ___RD () C:\Users\RAaM2\SkyDrive
2015-01-15 17:31 - 2013-01-26 20:32 - 00000000 ___RD () C:\Users\RAaM2\Google Drive
2015-01-15 17:30 - 2014-07-14 18:35 - 00008192 _____ () C:\Windows\system32\WDPABKP.dat
2015-01-15 17:30 - 2010-02-15 22:55 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 17:30 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 17:14 - 2010-05-09 20:30 - 00000000 ____D () C:\Windows\Minidump
2015-01-15 17:11 - 2013-08-15 23:30 - 00000000 ____D () C:\Users\RAaM2\Desktop\Tools
2015-01-15 16:47 - 2014-01-29 13:10 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-15 12:15 - 2011-07-22 21:58 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000Core.job
2015-01-14 18:36 - 2012-10-24 17:25 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-14 18:36 - 2011-05-16 12:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-14 17:12 - 2013-08-15 23:45 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 16:45 - 2009-09-24 16:13 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 15:36 - 2009-11-27 21:31 - 00000000 ____D () C:\Users\RAaM2
2015-01-14 15:36 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-01-14 15:34 - 2014-10-10 17:19 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Telegram Win (Unofficial)
2015-01-14 15:34 - 2013-08-15 23:28 - 00000000 ____D () C:\Users\RAaM2\Desktop\Handy
2015-01-14 15:34 - 2013-07-03 14:56 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-14 15:34 - 2012-03-10 15:38 - 00000000 ____D () C:\Users\Sarah
2015-01-14 15:34 - 2010-10-24 13:21 - 00000000 ____D () C:\Users\Christa
2015-01-14 15:34 - 2010-07-10 16:42 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-01-14 15:34 - 2010-01-16 12:23 - 00000000 ____D () C:\Users\Gast
2015-01-14 15:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-14 15:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2015-01-14 15:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-13 22:45 - 2009-09-24 15:43 - 01649492 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-02 17:15 - 2009-12-05 20:19 - 00000404 _____ () C:\Windows\Tasks\1-Klick-Wartung.job
2015-01-01 14:41 - 2013-11-12 23:15 - 00000000 ____D () C:\Users\RAaM2\Documents\SelfMV
2014-12-31 12:13 - 2009-10-05 17:03 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-23 19:41 - 2012-08-03 16:13 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Skype
2014-12-22 21:22 - 2014-10-22 14:02 - 00000000 ___RD () C:\Program Files\Skype
2014-12-22 21:22 - 2012-08-03 16:13 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 15:25 - 2009-12-05 01:01 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\vlc
2014-12-17 21:27 - 2009-12-02 23:08 - 00002648 _____ () C:\Users\RAaM2\AppData\Roaming\wklnhst.dat
2014-12-17 17:45 - 2013-04-05 19:36 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Files to move or delete:
====================
C:\ProgramData\W4Gisl.dat


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\{7815BC09-5CB0-49E5-B205-E2E29FD09BC9}-21.0.1180.60_chrome_installer.exe
C:\Users\RAaM2\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9tjfpi.dll
C:\Users\RAaM2\AppData\Local\Temp\repair4.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-31 09:04

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 15.01.2015, 21:17   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



Zukünftig bitte beachten:
Zitat:
Running from C:\Users\RAaM2\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 15.01.2015, 21:18   #11
ronark
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2015 01
Ran by RAaM2 at 2015-01-15 21:13:06
Running from C:\Users\RAaM2\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
AC3Filter 2.6.0b (HKLM\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Adobe® Photoshop® Album Starter Edition 3.2 (HKLM\...\Adobe® Photoshop® Album Starter Edition 3.2) (Version: 3.2.0 - hxxp://www.adobe.de)
ALDI Foto Service (HKLM\...\ALDI Foto Service D) (Version: 4.5.9.141 - MAGIX AG)
ALDI Nord Foto Manager Free (HKLM\...\ALDI Nord Foto Manager Free D) (Version: 6.0.1.491 - MAGIX AG)
Aldi Nord Fotoservice (HKLM\...\Aldi Nord Fotoservice_is1) (Version:  - )
ALDI Nord Online Druck Service (HKLM\...\ALDI Nord Online Druck Service D) (Version: 4.5.1.0 - MAGIX AG)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Android SDK Tools (HKLM\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version:  - )
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AudioCon (HKLM\...\AudioCon) (Version: 1.0 - Basement Softworks)
Audiograbber 1.83 SE  (HKLM\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avid Mbox 2 Pro Driver (x86) (HKLM\...\{DEE30D6A-B4B5-4F34-9554-312DD969F5EA}) (Version: 9.0 - Avid Technology, Inc.)
BestPractice (remove only) (HKLM\...\BestPractice) (Version:  - )
CamStudio (HKLM\...\CamStudio) (Version:  - )
CamStudio Lossless Codec v1.4 (HKLM\...\CamStudio Lossless Codec_is1) (Version:  - (c) 2003 RenderSoft Software, Modifications Copyright © 2008 Jake P.)
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 1.1 (HKLM\...\MP Navigator EX 1.1) (Version:  - )
Canon MX850 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX850_series) (Version:  - )
Canon MX850 series Benutzerregistrierung (HKLM\...\Canon MX850 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Cartoonist 1.3 (HKLM\...\Cartoonist_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version:  - )
Cheatbook Database 2010 (HKLM\...\Cheatbook Database 2010) (Version:  - )
ClipGrab 3.2.0.10 (HKLM\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel MediaOne (HKLM\...\{A062A15F-9CAC-4B88-98DF-87628A0BD721}) (Version: 2.100.0000 - Corel Corporation)
CorelDRAW Essential Edition 3 (HKLM\...\_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}) (Version:  - Corel Corporation)
CorelDRAW Essential Edition 3 (Version: 3.0 - Corel Corporation) Hidden
cyberJack Base Components (HKLM\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2024 - CyberLink Corp.)
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3121 - CyberLink Corp.)
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6622 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3213 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2214 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2010 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.6720 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2129 - CyberLink Corp.)
DE (Version: 3.0 - Corel Corporation) Hidden
Delta Chrome Toolbar (HKLM\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.9.1 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Plus Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 2.0.0 - DivX,Inc.)
Dropbox (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
DVBViewer Pro (HKLM\...\DVBViewer Pro_is1) (Version: 5.2.8 - CM&V)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
DVDStyler v2.2 (HKLM\...\DVDStyler_is1) (Version:  - )
eLicenser Control (HKLM\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
Eraser 6.0.7.1893 (HKLM\...\{38BA2875-D7AD-4611-ABA3-C385051ADF42}) (Version: 6.7.1893 - The Eraser Project)
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
EXIF Date Changer v2.5 (HKLM\...\{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1) (Version:  - Rellik Software)
Firebird SQL Server - MAGIX Edition (HKLM\...\{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}) (Version: 2.1.23.0 - MAGIX AG)
FormatFactory 3.1.1 (HKLM\...\FormatFactory) (Version: 3.1.1 - Free Time)
Free YouTube Download version 3.2.1.320 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.1.320 - DVDVideoSoft Ltd.)
FreeFileSync 5.11 (HKLM\...\FreeFileSync) (Version: 5.11 - Zenju)
FreeRIP v3.42 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 3.42 - MGShareware)
Frets On Fire (HKLM\...\Frets on Fire) (Version: 1.3.110-win32 - )
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version:  - )
Genesys USB Mass Storage Device (HKLM\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 2.5.0.0 - Genesys Logic)
GeoSetter 3.4.16 (HKLM\...\GeoSetter_is1) (Version:  - Friedemann Schmidt)
Google Chrome (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google-Schnellsuchfeld (HKLM\...\Quick Search Box) (Version: 1.2.1151.245 - Google, Inc.)
GPS-Track-Analyse.NET 6.0 (HKLM\...\GPS-Track-Analyse.NET 6.0_is1) (Version:  - )
G-Series_ASIO32 (HKLM\...\{8791C74C-2FFD-11E0-B2E6-00269E8DC781}) (Version: 1.1.2 - ZOOM)
HandBrake 0.10.0 (HKLM\...\HandBrake) (Version: 0.10.0 - )
Hardcopy (C:\Program Files\Hardcopy) (HKLM\...\Hardcopy(C__Program Files_Hardcopy)) (Version: 16.1.05 - )
Interlok driver setup x32 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.0 - PACE Anti-Piracy, Inc.)
IrfanView (remove only) (HKLM\...\IrfanView) (Version:  - )
iriver plus 3 (remove only) (HKLM\...\iriver plus 3) (Version:  - )
ITN Converter 1.82 (HKLM\...\ITN Converter_is1) (Version: 1.82 - Benichou Software)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 17 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170170}) (Version: 1.7.0.170 - Oracle)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kastor - Stream Recorder V 1.0 (HKLM\...\{CB84FEF6-C573-4328-B9A4-B29568A4E10E}_is1) (Version: 1.0.0.0 - KastorSoft)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
LAV Filters 0.58.1 (HKLM\...\lavfilters_is1) (Version: 0.58.1 - Hendrik Leppkes)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Lupas Rename 2000 v4.2 (HKLM\...\Lupas Rename 2000_is1) (Version:  - Ivan Anton Albarracin)
Macrium Reflect - Free Edition (HKLM\...\{EB85CC54-5E9A-4D33-B319-593B82291ABC}) (Version: 4.2.2098 - Macrium)
MAGIX Video deLuxe 2006 PLUS (D) (HKLM\...\MAGIX Video deLuxe 2006 PLUS D) (Version: 5.5.0.31 - MAGIX AG)
MAGIX Xtreme Foto Designer 6 6.0.19.0 (D) (HKLM\...\MAGIX Xtreme Foto Designer 6 D) (Version: 6.0.19.0 - MAGIX AG)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MEDION Fotos auf CD & DVD SE Nord (HKLM\...\MEDION Fotos auf CD & DVD SE Nord D) (Version: 8.0.3.4 - MAGIX AG)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
MergeModule_x86 (Version: 9.0.00 - Sony Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM\...\M953297) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Live Add-in 1.4 (HKLM\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU  (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Works 4 Converter (HKLM\...\{D18AF23E-AB28-4040-9396-28413B2C3B41}) (Version: 9.8.0000 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM\...\{172423F9-522A-483A-AD65-03600CE4CA4F}) (Version: 9.7.0000 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
MidiEditor (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\MidiEditor) (Version:  - )
MotoGP URT 3 (HKLM\...\MotoGP URT 3_is1) (Version:  - THQ)
Movie Converter (remove only) (HKLM\...\Movie Converter) (Version:  - )
MozBackup 1.4.9 (HKLM\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 12.0 (x86 de) (HKLM\...\Mozilla Firefox 12.0 (x86 de)) (Version: 12.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
Mozilla Thunderbird (3.1.11) (HKLM\...\Mozilla Thunderbird (3.1.11)) (Version: 3.1.11 (de) - Mozilla)
Mp3tag v2.41 (HKLM\...\Mp3tag) (Version: v2.41 - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\MyFreeCodec) (Version:  - )
Nitro Reader 3 (HKLM\...\{5027D37B-3677-4F16-9501-A42288EBDB31}) (Version: 3.5.2.10 - Nitro)
No23 Recorder (HKLM\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Node.js (HKLM\...\{2D41A012-35EE-4724-AE8E-E592EDD9F89D}) (Version: 0.10.13 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM\...\Notepad++) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Paragon Partition Manager™ 12 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Password Safe (HKLM\...\Password Safe) (Version:  - )
PC Connectivity Solution (HKLM\...\{4CE6B3C4-D8E2-4A5D-BEF5-5B69AF843B0C}) (Version: 9.45.0.0 - Nokia)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
PlayMemories Home (HKLM\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.0.00.09031 - Sony Corporation)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PMB_ModeEditor (Version: 9.0.00 - Sony Corporation) Hidden
PMB_ServiceUploader (Version: 9.0.00 - Sony Corporation) Hidden
Power Tab Editor 1.7 (HKLM\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
Presto! PageManager 7.15.20 (HKLM\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.20 - NewSoft Technology Corporation)
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PS3 Media Server (HKLM\...\PS3 Media Server) (Version:  - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RecordPad Sound Recorder (HKLM\...\Recordpad) (Version:  - NCH Software)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Richard Burns Rally (HKLM\...\{92C7D009-A464-4948-A980-7A3E28CB2F49}) (Version: 1.00.000 - )
Rubik's Games (HKLM\...\Rubik's Games) (Version:  - )
Samsung AllShare (HKLM\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.1.11053_99 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.0.1.11053_99 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
ScanSoft OmniPage SE 4 (HKLM\...\{66B4C110-8BEB-49B5-824E-C70AEEB20ECD}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Secret Maryo Chronicles (HKLM\...\secretmaryo) (Version: 1.9 - Florian Richter)
Secret Maryo Chronicles Music Pack (HKLM\...\secretmaryo_music) (Version: 4.1 - Florian Richter)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
StarMoney (Version: 2.0 - StarFinanz) Hidden
StarMoney (Version: 3.0.2.50 - StarFinanz) Hidden
StarMoney (Version: 4.0.2.34 - StarFinanz) Hidden
StarMoney 8.0 S-Edition (HKLM\...\{87F3F20B-5CF8-40DA-B044-4E714E203006}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 9.0 S-Edition (HKLM\...\{95686B93-9738-4F0A-BB2A-212B6943F057}) (Version: 9.0 - Star Finanz GmbH)
StationRipper 2.93B (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\StationRipper) (Version: 2.93B - Ratajik Software)
Steinberg HALionOne (HKLM\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg Sequel 2 Trial Content (HKLM\...\{DF584D4A-2619-41BE-9515-AAB18439D393}) (Version: 2.0.0.351 - Steinberg Media Technologies GmbH)
Steinberg Sequel LE 2 (HKLM\...\{7146D087-B853-4E00-BB52-883DCE99F155}) (Version: 2.0.5 - Steinberg Media Technologies GmbH)
SUPER © Version 2010.bld.37 (Jan 2, 2010) (HKLM\...\SUPER ©) (Version: Version 2010.bld.37 (Jan 2, 2010) - eRightSoft)
Switch Sound File Converter (HKLM\...\Switch) (Version:  - NCH Software)
SyncToy 2.1 (x86) (HKLM\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft)
Telegram Desktop version 0.7.6 (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.7.6 - Telegram Messenger LLP)
The Nomad Soul (HKLM\...\The Nomad Soul) (Version:  - )
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Titanium Studio (HKLM\...\Titanium Studio) (Version: 3.1.1 - Appcelerator, Inc.)
Tracktion (HKLM\...\Tracktion4) (Version:  - )
Update Manager (Version: 4.60 - Corel Corporation) Hidden
URL Snooper v2.27.01 (HKLM\...\URLSnooper 2_is1) (Version:  - DonationCoder.com)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
VideoPad Video Editor (HKLM\...\VideoPad) (Version:  - NCH Software)
VirtualDub Filter Pack 1.1 (HKLM\...\VirtualDub Filter Pack_is1) (Version:  - Infognition Co. Ltd.)
VIS (HKLM\...\VIS) (Version:  - ) <==== ATTENTION
VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
VSDC Free Video Editor Version 2.1.9.211 (HKLM\...\VSDC Free Video Editor_is1) (Version: 2.1.9.211 - Flash-Integro LLC)
WavePad Sound Editor (HKLM\...\WavePad) (Version:  - NCH Software)
WD Quick View (HKLM\...\{C58994CF-D15D-41E3-A03B-587B39EAA903}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{752EC2DC-0313-435A-BF9A-9B02927C049A}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.1.9 - Shark007)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )
XAMPP (HKLM\...\xampp) (Version: 1.8.2-2 - BitNami)
XMedia Recode 2.1.4.8 (HKLM\...\XMedia Recode) (Version: 2.1.4.8 - Sebastian Dörfler)
Zebra 3 (HKLM\...\{10D41532-9935-460A-8AC4-64E9614CB04E}) (Version: 1.0.0 - Klett Verlag GmbH)
ZOOM Edit&Share for Windows (HKLM\...\{E99B8E1C-262D-49E6-9A84-D2AC486B2648}) (Version: 5.00.0000 - ZOOM Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\RAaM2\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe No  (the data entry has 4 more characters).
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611}\InprocServer32 -> C:\Program Files\Macrium\Reflect\RShellExt.dll (Paramount Software UK Ltd)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

26-12-2014 18:10:44 Windows Update
28-12-2014 19:00:41 Windows-Sicherung
30-12-2014 12:18:15 Windows Update
13-01-2015 17:07:25 Windows Update
13-01-2015 17:14:08 Windows-Sicherung
13-01-2015 20:06:34 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
14-01-2015 11:57:22 Wiederherstellungsvorgang
14-01-2015 13:26:05 Windows Update
14-01-2015 13:29:36 Windows-Sicherung
14-01-2015 15:26:58 Wiederherstellungsvorgang
14-01-2015 15:40:05 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
14-01-2015 16:44:49 Windows Update
14-01-2015 17:20:19 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
14-01-2015 17:53:11 Windows Update
14-01-2015 18:01:36 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
14-01-2015 18:34:05 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
14-01-2015 20:25:54 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {019D783D-DB94-4694-B95A-BDC4512EAD3B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {03DAB6B5-8876-4594-A1A3-48EEE2B72CF3} - System32\Tasks\{ADCA8631-7C7D-4BB1-BD6A-164C482A8C2B} => C:\Program Files\DVD Shrink DE\DVD Shrink 3.2 DE (DeCSS-frei).exe [2005-05-31] (DVD Shrink)
Task: {0467EEA8-3E2C-4216-B86E-797865254649} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000UA => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {04C64550-C726-4A0B-85F1-00D87A127BAC} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {07A1C535-F579-4666-A22E-0AAD82E45B0D} - System32\Tasks\{33F2EBAD-215B-4165-8A6A-E311315E2C8D} => C:\Program Files\Project64 1.6\Project64.exe [2005-04-01] ()
Task: {097CD8A5-14ED-4891-BCEC-936474E43335} - System32\Tasks\{97A1201B-8983-47AD-9B48-6F1630FB36DC} => C:\Program Files\DVD Shrink DE\DVD Shrink 3.2 DE (DeCSS-frei).exe [2005-05-31] (DVD Shrink)
Task: {1556A58E-27BD-47BB-88C7-0DF0AA864353} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {15AF40CE-95C4-4B93-A65D-F693613E0605} - System32\Tasks\{CE22A2A8-0EDF-45EC-A86A-5120707C24D9} => C:\MAGIX\Video_deLuxe_2006_PLUS\VideodeLuxe.exe [2006-06-14] (MAGIX AG)
Task: {175AD2BA-364C-49A0-883A-5D26738413DA} - System32\Tasks\{F1EBC007-5A7A-46C0-83AA-F4F8C719F628} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {187E44F8-A384-4553-B51D-33EAC93F1950} - System32\Tasks\{6EC45BB9-22D7-4307-98CD-33C3AE83AE15} => C:\MAGIX\Video_deLuxe_2006_PLUS\VideodeLuxe.exe [2006-06-14] (MAGIX AG)
Task: {1AA0B8E1-901D-45B4-B043-50AB3411D839} - System32\Tasks\{AE8B22B8-ABA7-4079-B91E-C7ED7847D89B} => pcalua.exe -a "C:\Users\RAaM2\Downloads\Neuer Download\vcredist_x86.exe" -d "C:\Users\RAaM2\Downloads\Neuer Download"
Task: {1E151774-5459-4D5D-8B65-13D881C1FC83} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {2E046C9E-EFAD-452B-97B0-34D9486ABCE8} - System32\Tasks\{E7D5220E-AF6F-4269-BDEA-1586F80731D2} => C:\Program Files\DVD Shrink DE\DVD Shrink 3.2 DE (DeCSS-frei).exe [2005-05-31] (DVD Shrink)
Task: {32E625A5-7C31-44F5-8599-87949871C1D2} - System32\Tasks\{C980546F-B754-4536-AD88-3731BDCAA6D1} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {34521D69-C0E7-49D2-8056-38CB7CD8BE6E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {35A4D229-81D6-490B-B9DD-E7BAF650673A} - System32\Tasks\{9BFF994D-B78E-4038-B3CA-D7AB95F96736} => Chrome.exe hxxp://ui.skype.com/ui/0/4.2.0.187/de/go/help.faq.installer?LastError=1603
Task: {37598CF9-FB9B-4F03-AA33-9164DC30D05E} - System32\Tasks\{A24F35DC-E365-454A-B462-6A76DB3220BC} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {3FD986E6-786E-4B80-9EA4-074D462E6DF1} - System32\Tasks\{99D2A16C-528E-4968-8891-2DC280C2B5BC} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {4385C8C7-112D-4969-9000-D52CA516F06D} - System32\Tasks\{54BF46E5-AEB3-4152-BC93-F4DDFC988C94} => C:\Program Files\Kinstone Video Power\VideoPower.exe
Task: {4A58290C-3401-4598-99F9-05EFF9B3FC20} - System32\Tasks\{BA994F75-EE10-45A6-8553-3BB35005A26F} => pcalua.exe -a "C:\Users\RAaM2\Downloads\Magix Xtrme Foto Designer 6\free_xtremefotodesigner6_de.exe" -d "C:\Users\RAaM2\Downloads\Magix Xtrme Foto Designer 6"
Task: {4AAB949C-B0C1-46EE-A131-62A8C3BEA1A3} - System32\Tasks\neoKiKA 02.09.2014 23-41-00 => C:\Program Files\DVBViewer\dvbviewer.exe [2013-10-09] (CM&V Hackbart)
Task: {4B5154FA-3870-4F54-9B7B-D4054574062D} - System32\Tasks\{5F683722-6637-4ECF-B189-11AF0C95138A} => pcalua.exe -a "C:\Users\RAaM2\Downloads\StarMoney 7.0\smoney_m_4_0_25050180_3_.exe" -d "C:\Users\RAaM2\Downloads\StarMoney 7.0"
Task: {4DA7CC83-870B-49BE-9B98-0ED3A9A3B257} - System32\Tasks\{6788DE74-C5C7-4AA8-AD3C-AD68FAC5AD27} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {54D26981-1528-4631-B95F-CDCD31764F4A} - System32\Tasks\neoKiKA 02.09.2014 22-41-00 => C:\Program Files\DVBViewer\dvbviewer.exe [2013-10-09] (CM&V Hackbart)
Task: {57D6827E-A5AB-44D6-8B9C-03042011383E} - System32\Tasks\{041D8794-2E36-435B-8E2E-5723D6A2DBB8} => C:\Program Files\Project64 1.6\Project64.exe [2005-04-01] ()
Task: {5BFD0C98-B9EF-49C4-A329-9F952787F9CB} - System32\Tasks\SyncToy\SyncToy Test => C:\Program Files\SyncToy 2.1\SyncToyCmd.exe [2009-10-19] (Microsoft Corporation)
Task: {6DA33AFC-42FA-41E5-8DFE-30AA03E8C299} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {75F9A913-FAE3-4C34-B9B8-F7B4AB7AA64E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000Core => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {7877CFB3-9498-40F4-83CF-DA5CAD0528A8} - System32\Tasks\{EFF213B3-EFC7-47B4-B601-24D8FF28F00C} => C:\Program Files\Kinstone Video Power\VideoPower.exe
Task: {835B8281-6E3E-44F8-A07B-613ECB0A8E53} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {8ED58C42-D9CD-4C33-BA7A-354CB0B2DB08} - System32\Tasks\{75A926E6-8113-4921-976A-BA57A07FFA25} => C:\Program Files\TuneUp Utilities 2007\OneClickMaintenance.exe
Task: {8EDC792A-6BB3-44AB-AE2F-616658AD9D1F} - System32\Tasks\{33207D11-6CE4-494C-A47B-D989A462B709} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {92509917-9DEC-4764-B7F8-C7C1D32E3BB7} - System32\Tasks\{741A89C9-5041-425D-A583-EC9B38579736} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {92D0E115-AF42-442B-A268-0B1EC0A68487} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {996E3306-9718-45AF-B5B8-E42D3B8106DC} - System32\Tasks\{5328E27C-3F6A-4508-9A24-7F7477C46DE7} => C:\Program Files\SyncToy 2.1\SyncToy.exe [2009-10-19] (Microsoft Corporation)
Task: {9BA85ADF-9BB2-4C05-8F40-CD897CDAA8B4} - System32\Tasks\{59F6DCC7-D1CF-40F0-BD16-F97835F30AEB} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {9F3A75F0-9FFD-4B51-B36A-83C6810E4758} - System32\Tasks\{0566F81D-3AD9-4543-9C17-E5C225CBF1FF} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {A54CB527-CF9C-4059-9B3F-CC11300A4705} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {A68ADDAA-87AA-40B9-B236-0B707121213D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {A9805966-B3BC-4B6F-A9BC-E99D79201376} - System32\Tasks\{EC238D77-640F-4045-8362-6FD551440A5B} => O:\Downloads\Software\Nokia\NokiaSoftwareUpdaterSetup_de.exe
Task: {AC2C2030-1C22-4FFE-8E31-2F1CDD3890D7} - System32\Tasks\{57A35445-BA05-4EEF-A389-4C1CC734F489} => C:\Program Files\Alwil Software\Avast4\ashAvast.exe
Task: {AF9D9552-9493-498F-B489-53EB58A6EE01} - System32\Tasks\{AACF9AE8-780F-4124-9A52-F9E47B706F84} => pcalua.exe -a C:\Users\RAaM2\Downloads\HBCI-Leser_cyberjack\bc_6_8_0.exe -d C:\Users\RAaM2\Downloads\HBCI-Leser_cyberjack
Task: {B2D26877-DEF1-486E-9368-E1578292154D} - System32\Tasks\{4018C64E-26FC-479D-A92B-0A80940EEB1F} => pcalua.exe -a O:\Downloads\Software\iriver\MovieConverterSetup.exe -d O:\Downloads\Software\iriver
Task: {B6E3A24A-5456-4B92-87E2-5DE2EA1C529D} - System32\Tasks\{AC2E26C2-BFCB-4AAD-A36A-3F0137954D59} => C:\Program Files\DVD Shrink DE\DVD Shrink 3.2 DE (DeCSS-frei).exe [2005-05-31] (DVD Shrink)
Task: {C2DE5B4B-F3C1-4E66-B228-488A6F398519} - System32\Tasks\{691515F1-649F-4A3F-A132-5988A568222A} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {C3EC964F-C3CC-4E5D-B5CB-3A2326A41A5C} - System32\Tasks\1-Klick-Wartung => C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
Task: {C7ECD6AF-0789-4956-BC0C-84711A3A6241} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {C822C4B9-2629-4EC7-8D75-3463090333AD} - System32\Tasks\{4F76398C-9EB8-48A7-B9D3-2AC976C72615} => C:\Program Files\iriver\iriver plus 3\iLauncher.exe [2009-03-25] (Reigncom Limited)
Task: {C958D7E3-4B1D-4FA8-B34C-C4872FE0F67D} - System32\Tasks\{B5B8C8AE-DED2-4EA4-96E5-64DD37D8FC1E} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {D17BE0A0-47C0-4074-A3F9-ED4149F80852} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {D8220499-4D92-4B0A-A10F-AC0051DA83ED} - System32\Tasks\EPUpdater => C:\Users\RAaM2\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-04-17] () <==== ATTENTION
Task: {D85665FD-A042-4791-AD37-D40F2A292258} - System32\Tasks\{41AAA134-0CD8-489C-8FAD-75C2DF6A8A87} => C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe [2009-02-05] (Pinnacle Systems)
Task: {DAA37B1B-3FC2-4E26-8FE3-915D5E187923} - System32\Tasks\{D07541E5-CD90-43E9-A676-3456030083D3} => C:\Users\RAaM2\Downloads\Neuer Download\vcredist_x86.exe
Task: {DFD19D02-FD8C-41D5-B56A-71A55BE5EFF2} - System32\Tasks\{C9F9A88E-9DF0-4D4D-AAAE-884EADEC290D} => C:\Program Files\iriver\Movie Converter\iLauncher.exe [2007-10-11] (Reigncom Limited)
Task: {DFDFFB4D-6929-4BF5-B02A-F72267FA6572} - System32\Tasks\{42A95E58-CA2F-4FE3-9F1F-F696943BEAC4} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {E16F5EE7-2D2D-4EFB-82FF-A54D5D3DF571} - System32\Tasks\{08E84115-1BCA-40AF-AE31-E2B23B5A72A2} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {E97EAEAD-BA11-464D-90FF-F7B014016CEC} - System32\Tasks\{E1E276D7-7DB0-447F-B15A-0A54F5A79D20} => C:\Program Files\Project64 1.6\Project64.exe [2005-04-01] ()
Task: {EA203C2F-33C7-4CF4-A0EC-57394D5BC250} - System32\Tasks\{9361C8AD-E054-44DF-AAE7-897CA7F07BB1} => pcalua.exe -a "E:\USB Driver for Windows OS\setup.exe" -d "E:\USB Driver for Windows OS"
Task: {EBFAAAE3-7620-4FB1-A3B2-006F911E4F85} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {ED0BA1AE-8B58-478D-BE60-6A5E95451760} - System32\Tasks\{941B1359-8C05-43A3-9733-9E216AC5D07A} => pcalua.exe -a O:\Downloads\Software\iriver\iplus3.exe -d O:\Downloads\Software\iriver
Task: {EE3E4D51-DA29-45CC-AD8F-A348B89E2624} - System32\Tasks\{3AE65294-911B-4F40-8D43-6AEBC4EE35C5} => C:\Program Files\DVD Shrink DE\DVD Shrink 3.2 DE (DeCSS-frei).exe [2005-05-31] (DVD Shrink)
Task: {F44060CD-0D2A-4968-BEFE-8AFCD8F41569} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {F75B9CF0-8A4B-4483-9CE9-0F0AAF6B37FA} - System32\Tasks\{9A23B699-1021-47D6-987B-003EDE61EEB6} => C:\Program Files\Alwil Software\Avast4\ashAvast.exe
Task: {F76E6AE9-0F61-4AB8-8BCD-C686F1D49974} - System32\Tasks\{731991E4-B052-47DB-973F-1F68907C9C66} => pcalua.exe -a C:\Windows\system32\dgfw.cpl -c Digidesign Mbox 2 Pro
Task: {FCDEC0C2-CAB2-467B-BD16-2DFC79CF0FB9} - System32\Tasks\{7B768B8E-0F06-46DC-936A-8E5FFD10042D} => C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\Photoshop Album Starter Edition.exe [2007-03-16] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\1-Klick-Wartung.job => C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000Core.job => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000UA.job => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\neoKiKA 02.09.2014 22-41-00.job => C:\Program Files\DVBViewer\dvbviewer.exe
Task: C:\Windows\Tasks\neoKiKA 02.09.2014 23-41-00.job => C:\Program Files\DVBViewer\dvbviewer.exe

==================== Loaded Modules (whitelisted) =============

1996-12-14 00:00 - 1996-12-14 00:00 - 00022016 _____ () C:\Windows\system32\docobj.dll
2009-12-05 00:24 - 2005-03-28 10:13 - 00077824 _____ () C:\Windows\System32\csdlocalmon.dll
2009-12-01 20:12 - 2007-05-31 07:38 - 00167936 ____N () C:\Windows\system32\SerialXP.dll
2007-06-05 12:20 - 2007-06-05 12:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe
2009-11-12 13:50 - 2009-11-12 13:50 - 00220128 _____ () C:\Program Files\Macrium\Reflect\ReflectService.exe
2009-10-23 10:17 - 2009-07-27 14:49 - 00244904 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2013-02-06 14:52 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files\StarMoney 8.0 S-Edition\ouservice\PATCHW32.dll
2014-08-06 22:39 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files\StarMoney 9.0 S-Edition\ouservice\PATCHW32.dll
2015-01-13 20:06 - 2015-01-12 13:55 - 00091304 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe
2014-04-27 16:27 - 2014-04-27 16:27 - 00541696 _____ () C:\Program Files\002\yewimmxqbs32.exe
2014-09-25 13:07 - 2014-09-25 13:07 - 00081056 _____ () C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2009-11-29 21:26 - 2006-09-20 08:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
2010-09-05 17:12 - 2007-06-18 04:40 - 00200704 ____R () C:\Windows\System32\UMonit.exe
2010-09-05 17:12 - 2007-05-09 07:34 - 00176128 ____R () C:\Windows\System32\ustor.dll
2009-11-29 21:26 - 2006-10-30 16:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
2012-06-08 16:11 - 2012-06-08 16:11 - 01989632 _____ () C:\Program Files\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe
2014-09-25 13:07 - 2014-09-25 13:07 - 00081056 _____ () C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2015-01-01 15:24 - 2015-01-01 15:24 - 00186368 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\36165d484fa2857575583d9a4cc61840\Kies.Common.DeviceServiceLib.Interface.ni.dll
2015-01-01 15:25 - 2015-01-01 15:25 - 14993920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\afc3f45376148ce6a1ee84da499d7edb\Kies.Theme.ni.dll
2015-01-01 15:24 - 2015-01-01 15:24 - 01865728 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\ff954a7b95f33b6498d154499e393055\Kies.UI.ni.dll
2015-01-01 15:24 - 2015-01-01 15:24 - 00081920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\5157234c4b83b2a920dcc02362260903\Kies.MVVM.ni.dll
2014-10-15 17:54 - 2014-10-15 17:54 - 00236032 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6815ff93472d008087880a6462931188\ASF_cSharpAPI.ni.dll
2015-01-15 17:30 - 2015-01-15 17:30 - 00098816 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32api.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00110080 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\pywintypes27.dll
2015-01-15 17:30 - 2015-01-15 17:30 - 00364544 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\pythoncom27.dll
2015-01-15 17:30 - 2015-01-15 17:30 - 00045568 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_socket.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 01160704 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_ssl.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00320512 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32com.shell.shell.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00713216 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_hashlib.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 01175040 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._core_.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00805888 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._gdi_.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00811008 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._windows_.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 01062400 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._controls_.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00735232 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._misc_.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00128512 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_elementtree.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00127488 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\pyexpat.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00557056 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\pysqlite2._sqlite.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00087552 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_ctypes.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00119808 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32file.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00108544 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32security.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00007168 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\hashobjs_ext.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00167936 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32gui.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00018432 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32event.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00038912 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32inet.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00011264 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32crypt.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00070656 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._html2.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00027136 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_multiprocessing.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00035840 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32process.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00686080 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\unicodedata.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00122368 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._wizard.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00024064 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32pipe.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00025600 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32pdh.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00525640 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\windows._lib_cacheinvalidation.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00010240 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\select.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00017408 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32profile.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00022528 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32ts.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00078336 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._animate.pyd
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-15 17:31 - 2015-01-15 17:31 - 00043008 _____ () c:\users\raam2\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9tjfpi.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-01-13 20:06 - 2015-01-13 23:12 - 51548328 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
2015-01-13 20:06 - 2015-01-07 22:22 - 00985768 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\ffmpegsumo.dll
2015-01-13 20:06 - 2015-01-07 22:22 - 01360552 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\libglesv2.dll
2015-01-13 20:06 - 2015-01-07 22:22 - 00214184 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\libegl.dll
2015-01-13 20:06 - 2015-01-07 22:22 - 16827048 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\NPSWF32_15_0_0_189.dll
2014-12-12 23:18 - 2014-12-06 02:50 - 01077064 _____ () C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 23:18 - 2014-12-06 02:50 - 00211272 _____ () C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 23:18 - 2014-12-06 02:50 - 09009480 _____ () C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 23:18 - 2014-12-06 02:50 - 01677128 _____ () C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^RAaM2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupreg: Adobe Photo Downloader => "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
MSCONFIG\startupreg: AllShareAgent => C:\Program Files\Samsung\AllShare\AllShareAgent.exe
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\RAaM2\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: OpwareSE4 => "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-837243161-1062950140-3748333167-500 - Administrator - Disabled)
ASPNET (S-1-5-21-837243161-1062950140-3748333167-1002 - Limited - Enabled)
Christa (S-1-5-21-837243161-1062950140-3748333167-1007 - Administrator - Enabled) => C:\Users\Christa
Gast (S-1-5-21-837243161-1062950140-3748333167-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-837243161-1062950140-3748333167-1005 - Limited - Enabled)
RAaM2 (S-1-5-21-837243161-1062950140-3748333167-1000 - Administrator - Enabled) => C:\Users\RAaM2
Sarah (S-1-5-21-837243161-1062950140-3748333167-1006 - Administrator - Enabled) => C:\Users\Sarah

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/15/2015 08:11:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684be0
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005d032
ID des fehlerhaften Prozesses: 0xc68
Startzeit der fehlerhaften Anwendung: 0xSpfService.exe0
Pfad der fehlerhaften Anwendung: SpfService.exe1
Pfad des fehlerhaften Moduls: SpfService.exe2
Berichtskennung: SpfService.exe3

Error: (01/15/2015 05:37:15 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (01/15/2015 08:11:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/15/2015 05:41:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (01/15/2015 05:38:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (01/15/2015 05:33:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/15/2015 05:33:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (01/15/2015 05:33:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/15/2015 05:33:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (01/15/2015 05:33:02 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (01/15/2015 05:32:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2015 05:32:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.


Microsoft Office Sessions:
=========================
Error: (01/15/2015 08:11:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpfService.exe1.3.0.90904e684be0ntdll.dll6.1.7601.18247521ea91cc00000050005d032c6801d030e0dd1df540C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exeC:\Windows\SYSTEM32\ntdll.dll4517b760-9cea-11e4-b9b7-000a94176540

Error: (01/15/2015 05:37:15 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
4700


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 74%
Total physical RAM: 3071.3 MB
Available physical RAM: 794.41 MB
Total Pagefile: 7165.59 MB
Available Pagefile: 2374.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.45 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:910.41 GB) (Free:756.54 GB) NTFS
Drive d: (Recover) (Fixed) (Total:20 GB) (Free:10.34 GB) NTFS
Drive e: (MyBook) (Fixed) (Total:2794.49 GB) (Free:2218.81 GB) NTFS
Drive p: (Expansion) (Fixed) (Total:465.76 GB) (Free:439.39 GB) NTFS
Drive q: (maxi n.u) (Fixed) (Total:465.76 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9E009E00)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=910.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BA7E796E)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

========================================================
Disk: 6 (Size: 465.8 GB) (Disk ID: E5A677E1)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 15.01.2015, 21:23   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



Sagmal, ist das ein gewerblich genutztes System?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 15.01.2015, 22:07   #13
ronark
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015 01
Ran by RAaM2 (administrator) on RAINER-PC on 15-01-2015 21:21:03
Running from C:\Users\RAaM2\Desktop
Loaded Profiles: RAaM2 (Available profiles: RAaM2 & Sarah & Christa & Gast)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(REINER SCT) C:\Windows\System32\cjpcsc.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\Macrium\Reflect\ReflectService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
() C:\Program Files\002\yewimmxqbs32.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
() C:\Windows\System32\UMonit.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
() C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Google Quick Search Box] => C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [122880 2009-11-27] (Google Inc.)
HKLM\...\Run: [NetFxUpdate_v1.1.4322] => C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [106496 2004-08-10] (Microsoft)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-09-13] (CANON INC.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [UMonit] => C:\Windows\system32\UMonit.exe [200704 2007-06-18] ()
HKLM\...\Run: [BigDog303] => C:\Windows\VM303_STI.EXE [61440 2006-01-24] (Vimicro)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [WD Quick View] => C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Path] => C:\Program Files\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe [1989632 2012-06-08] ()
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2707992 2014-09-03] (Sony Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-27] (Google Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [Google Update] => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [SkyDrive] => C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1565504 2014-12-16] (Samsung)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [KiesPDLR.exe] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-12-16] (Samsung)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\MountPoints2: {46bb24e7-c704-11e2-bb50-4061864d3aa8} - F:\setup_vmb_lite.exe /checkApplicationPresence
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com/
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> DefaultScope {4128802F-8A28-42C8-A441-F464AA11DDFD} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GFRE_deDE355
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {16639E9F-A73B-4829-BF1B-C8E7FA2A33A7} URL = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {17E5117F-F86D-40CA-B89B-2C5B34D78C4B} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearch-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {2BE66F85-635A-44FC-96C2-6CF411D6FAFE} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {4128802F-8A28-42C8-A441-F464AA11DDFD} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GFRE_deDE355
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {7616FC6D-7F42-41D3-8FAA-C4F318003C6D} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {945F02B5-2F33-4B96-8841-835C510EC8C2} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {A8A65AC0-056A-4CEE-9936-3FE3098CF4EA} URL = hxxp://suche.t-online.de/fast-cgi/tsc?q={searchTerms}&sr=searchbar
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {BC87AC6A-4758-4D2A-94EC-84CD4274D282} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {BCB7F24B-F6E1-4BB1-BE9E-BF32BFE7DEA4} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&index=blended&linkCode=ur2&camp=1638&creative=6742&tag=iepluginsearch-21
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {D691082F-E5F2-40CE-8941-3106EBE25670} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {EFDAAA28-5D6C-40C3-80EF-43B71364A10F} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD3FF62E-61A7-48EE-A4A4-97CE7BD1F99D} https://eplace-eu.solvay.com/postauthACC/SodaAgent.CAB
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: @tools.google.com/Google Update;version=3 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: @tools.google.com/Google Update;version=9 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\RAaM2\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default\searchplugins\conduit.xml
FF Extension: vis - C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2013-11-13]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-31]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-01]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-22]
FF HKLM\...\Firefox\Extensions: [ClickPotatoLite@ClickPotatoLite.com] - C:\Program Files\ClickPotatoLite\bin\10.0.628.0\firefox\extensions
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-05-27]
FF HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Profile: C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DER SPIEGEL) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpbllkmchckcndlogpofcepplhndlg [2012-11-16]
CHR Extension: (Quick Sidebar) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd [2014-06-15]
CHR Extension: (Google Drive) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (Google Cast) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-03-20]
CHR Extension: (Adblock Plus) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-01]
CHR Extension: (Kindle Cloud Reader) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnemmpobpfaichgccgcilgncfigplmol [2014-11-11]
CHR Extension: (Google-Suche) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (hxxp://tunein.com/) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dblgfaikinhoidnoieheigjobmlkhcjc [2013-06-30]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-05-27]
CHR Extension: (Google News) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-01-10]
CHR Extension: (Simple Google bookmarks) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobhkcpfdpfhghdmiecokllfjiemfmgm [2012-10-22]
CHR Extension: (Cut the Rope) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2012-12-31]
CHR Extension: (Dropbox) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-04-05]
CHR Extension: (SoundCloud) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2013-04-06]
CHR Extension: (Scratchpad) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjebfhglflhjjjiceimfkgicifkhjlnm [2012-11-16]
CHR Extension: (Super Mario Flash 2 Spiel) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbkkfblonehbjjkdfiejflknbokmame [2013-09-23]
CHR Extension: (Google Play) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2012-12-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-10]
CHR Extension: (Google Maps) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-01-10]
CHR Extension: (OneDrive) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2013-04-03]
CHR Extension: (LocalChromecast Player) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmladpigjlinmngadjgfogblnmddndcp [2014-03-25]
CHR Extension: (Google Wallet) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2012-11-24]
CHR Extension: (TV Movie Fernsehprogramm) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\omigcnbanchckjpihkioagdjjdhkhhdh [2013-10-05]
CHR Extension: (Wetter) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\paafljigflaodeomfbpjcggedcilkoop [2013-01-10]
CHR Extension: (Quick start) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-06-15]
CHR Extension: (Google Mail) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
CHR HKLM\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\RAaM2\AppData\Roaming\BabSolution\CR\Delta.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files\RelevantKnowledge\rlcm.crx [Not Found]
CHR HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR StartMenuInternet: Google Chrome - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1155072 2009-02-03] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-04-18] (Teruten) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-03-26] (Nitro PDF Software)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [484888 2014-09-03] (Sony Corporation)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S3 PS3 Media Server; C:\Program Files\PS3 Media Server\win32\service\wrapper.exe [217088 2008-08-17] () [File not signed]
R2 ReflectService; C:\Program Files\Macrium\Reflect\ReflectService.exe [220128 2009-11-12] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2009-07-27] () [File not signed]
S2 SamsungAllShareV2.0; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-01-19] (Samsung Electronics Co., Ltd.)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [File not signed]
S3 SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 Verifies and fixes application compatibility issues; C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [91304 2015-01-12] ()
R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
R2 yewimmxqbs32; C:\Program Files\002\yewimmxqbs32.exe [541696 2014-04-27] () [File not signed]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz) [File not signed]
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [28144 2011-03-29] (REINER SCT)
S3 DIGIFW; C:\Windows\System32\DRIVERS\digifw.sys [167952 2010-10-23] (Avid Technology, Inc.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2013-05-23] (Logitech, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [50704 2009-10-20] (CACE Technologies, Inc.)
S3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1488096 2009-07-30] (NXP Semiconductors Germany GmbH)
S3 PSMounter; C:\Windows\system32\drivers\psmounter.sys [32736 2009-11-12] (Macrium Software)
R0 pssnap; C:\Windows\System32\DRIVERS\pssnap.sys [15328 2008-05-20] (Macrium Software)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-11-02] (Sonic Solutions) [File not signed]
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation                           )
R0 TPkd; C:\Windows\system32\Drivers\TPkd.sys [93304 2010-09-26] (PACE Anti-Piracy, Inc.)
R3 TrdCap; C:\Windows\System32\DRIVERS\TrdCap.sys [1554472 2010-06-09] (Trident Microsystems, Inc.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
S3 ZMGHPAudioSrv; C:\Windows\System32\drivers\zmghpau.sys [38016 2011-02-18] (ZOOM)
S3 ZSMC303; C:\Windows\System32\Drivers\usbVM303.sys [391300 2006-02-23] (Vimicro Corporation)
R0 mfehidk; system32\drivers\mfehidk.sys [X]
S0 mferkdet; system32\drivers\mferkdet.sys [X]
S1 muhilvre; \??\C:\Windows\system32\drivers\muhilvre.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S2 WiseFS; \??\H:\Folders\Software\WFH\Wise Folder Hider\WiseFs32.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 21:21 - 2015-01-15 21:21 - 00036522 _____ () C:\Users\RAaM2\Desktop\FRST.txt
2015-01-15 21:20 - 2015-01-15 21:09 - 01116672 _____ (Farbar) C:\Users\RAaM2\Downloads\FRST.exe
2015-01-15 21:10 - 2015-01-15 21:21 - 00000000 ____D () C:\FRST
2015-01-15 21:08 - 2015-01-15 21:09 - 01116672 _____ (Farbar) C:\Users\RAaM2\Desktop\FRST.exe
2015-01-15 18:11 - 2015-01-15 21:05 - 00001287 _____ () C:\Users\RAaM2\Downloads\Stinger_15012015_181146.html
2015-01-15 18:11 - 2015-01-15 18:11 - 00179600 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe.e39d.deleteme
2015-01-15 17:30 - 2015-01-15 17:57 - 00000865 _____ () C:\Windows\setupact.log
2015-01-15 17:30 - 2015-01-15 17:30 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 16:45 - 2015-01-15 14:05 - 04188536 _____ (Piriform Ltd) C:\Users\RAaM2\Downloads\ccsetup501_slim.exe
2015-01-15 16:43 - 2015-01-15 21:09 - 00000114 ___RH () C:\Users\RAaM2\Downloads\Stinger.opt
2015-01-15 13:32 - 2015-01-15 13:32 - 00014029 _____ () C:\Users\RAaM2\Downloads\hijackthis.log
2015-01-15 13:22 - 2015-01-15 13:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\RAaM2\Downloads\HiJackThis204.exe
2015-01-15 13:13 - 2015-01-15 13:13 - 00000000 ____D () C:\Quarantine
2015-01-15 13:07 - 2015-01-15 16:38 - 00001073 _____ () C:\Users\RAaM2\Downloads\Stinger_15012015_130717.html
2015-01-15 13:06 - 2015-01-15 21:09 - 00000000 ____D () C:\Program Files\stinger
2015-01-15 13:00 - 2015-01-15 13:04 - 11165552 _____ (McAfee Inc) C:\Users\RAaM2\Downloads\stinger32.exe
2015-01-14 17:28 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 17:28 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 17:27 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:27 - 2014-12-11 18:47 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:27 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:26 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 17:17 - 2015-01-14 17:52 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Compatibility Verifier
2015-01-13 20:08 - 2015-01-15 21:07 - 00000112 _____ () C:\ProgramData\W4Gisl.dat
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-13 20:06 - 2015-01-15 17:35 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Compatibility Verifier
2015-01-13 20:06 - 2015-01-15 17:35 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Compatibility Verifier
2015-01-01 18:05 - 2014-10-13 06:57 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-01-01 18:05 - 2014-10-13 06:57 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-12-28 19:40 - 2014-12-28 19:40 - 00001221 _____ () C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TrayIt!.lnk
2014-12-28 19:39 - 2014-12-28 19:39 - 00000000 ____D () C:\Program Files\trayit_4_6_5_5
2014-12-28 19:35 - 2014-12-28 19:35 - 00000000 ____D () C:\Users\RAaM2\Downloads\nw_7668_trayitzip
2014-12-28 19:33 - 2014-12-28 19:33 - 00335253 _____ () C:\Users\RAaM2\Downloads\nw_7668_trayitzip.zip
2014-12-19 15:21 - 2014-12-19 15:21 - 04330507 _____ () C:\Users\RAaM2\Downloads\Tip0000-Download-Paket-Demo.zip
2014-12-18 12:05 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 21:15 - 2011-07-22 21:58 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000UA.job
2015-01-15 21:11 - 2014-01-02 12:16 - 00000000 ____D () C:\Program Files\StarMoney 9.0 S-Edition
2015-01-15 20:56 - 2009-11-27 21:31 - 01072621 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 20:35 - 2013-10-04 16:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 20:33 - 2010-02-15 22:55 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 18:06 - 2009-07-14 05:34 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 18:06 - 2009-07-14 05:34 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 17:32 - 2013-04-05 19:39 - 00000000 ___RD () C:\Users\RAaM2\Dropbox
2015-01-15 17:32 - 2013-04-05 19:34 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Dropbox
2015-01-15 17:32 - 2013-04-03 15:10 - 00000000 ___RD () C:\Users\RAaM2\SkyDrive
2015-01-15 17:31 - 2013-01-26 20:32 - 00000000 ___RD () C:\Users\RAaM2\Google Drive
2015-01-15 17:30 - 2014-07-14 18:35 - 00008192 _____ () C:\Windows\system32\WDPABKP.dat
2015-01-15 17:30 - 2010-02-15 22:55 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 17:30 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 17:14 - 2010-05-09 20:30 - 00000000 ____D () C:\Windows\Minidump
2015-01-15 17:11 - 2013-08-15 23:30 - 00000000 ____D () C:\Users\RAaM2\Desktop\Tools
2015-01-15 16:47 - 2014-01-29 13:10 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-15 12:15 - 2011-07-22 21:58 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000Core.job
2015-01-14 18:36 - 2012-10-24 17:25 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-14 18:36 - 2011-05-16 12:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-14 17:12 - 2013-08-15 23:45 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 16:45 - 2009-09-24 16:13 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 15:36 - 2009-11-27 21:31 - 00000000 ____D () C:\Users\RAaM2
2015-01-14 15:36 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-01-14 15:34 - 2014-10-10 17:19 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Telegram Win (Unofficial)
2015-01-14 15:34 - 2013-08-15 23:28 - 00000000 ____D () C:\Users\RAaM2\Desktop\Handy
2015-01-14 15:34 - 2013-07-03 14:56 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-14 15:34 - 2012-03-10 15:38 - 00000000 ____D () C:\Users\Sarah
2015-01-14 15:34 - 2010-10-24 13:21 - 00000000 ____D () C:\Users\Christa
2015-01-14 15:34 - 2010-07-10 16:42 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-01-14 15:34 - 2010-01-16 12:23 - 00000000 ____D () C:\Users\Gast
2015-01-14 15:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-14 15:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2015-01-14 15:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-13 22:45 - 2009-09-24 15:43 - 01649492 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-02 17:15 - 2009-12-05 20:19 - 00000404 _____ () C:\Windows\Tasks\1-Klick-Wartung.job
2015-01-01 14:41 - 2013-11-12 23:15 - 00000000 ____D () C:\Users\RAaM2\Documents\SelfMV
2014-12-31 12:13 - 2009-10-05 17:03 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-23 19:41 - 2012-08-03 16:13 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Skype
2014-12-22 21:22 - 2014-10-22 14:02 - 00000000 ___RD () C:\Program Files\Skype
2014-12-22 21:22 - 2012-08-03 16:13 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 15:25 - 2009-12-05 01:01 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\vlc
2014-12-17 21:27 - 2009-12-02 23:08 - 00002648 _____ () C:\Users\RAaM2\AppData\Roaming\wklnhst.dat
2014-12-17 17:45 - 2013-04-05 19:36 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Files to move or delete:
====================
C:\ProgramData\W4Gisl.dat


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\{7815BC09-5CB0-49E5-B205-E2E29FD09BC9}-21.0.1180.60_chrome_installer.exe
C:\Users\RAaM2\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9tjfpi.dll
C:\Users\RAaM2\AppData\Local\Temp\repair4.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-31 09:04

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

[/CODE]

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2015 01
Ran by RAaM2 at 2015-01-15 21:21:55
Running from C:\Users\RAaM2\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
AC3Filter 2.6.0b (HKLM\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Adobe® Photoshop® Album Starter Edition 3.2 (HKLM\...\Adobe® Photoshop® Album Starter Edition 3.2) (Version: 3.2.0 - hxxp://www.adobe.de)
ALDI Foto Service (HKLM\...\ALDI Foto Service D) (Version: 4.5.9.141 - MAGIX AG)
ALDI Nord Foto Manager Free (HKLM\...\ALDI Nord Foto Manager Free D) (Version: 6.0.1.491 - MAGIX AG)
Aldi Nord Fotoservice (HKLM\...\Aldi Nord Fotoservice_is1) (Version:  - )
ALDI Nord Online Druck Service (HKLM\...\ALDI Nord Online Druck Service D) (Version: 4.5.1.0 - MAGIX AG)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Android SDK Tools (HKLM\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version:  - )
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AudioCon (HKLM\...\AudioCon) (Version: 1.0 - Basement Softworks)
Audiograbber 1.83 SE  (HKLM\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (HKLM\...\Audiograbber-Lame) (Version: 1.0 - AG)
Avid Mbox 2 Pro Driver (x86) (HKLM\...\{DEE30D6A-B4B5-4F34-9554-312DD969F5EA}) (Version: 9.0 - Avid Technology, Inc.)
BestPractice (remove only) (HKLM\...\BestPractice) (Version:  - )
CamStudio (HKLM\...\CamStudio) (Version:  - )
CamStudio Lossless Codec v1.4 (HKLM\...\CamStudio Lossless Codec_is1) (Version:  - (c) 2003 RenderSoft Software, Modifications Copyright © 2008 Jake P.)
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 1.1 (HKLM\...\MP Navigator EX 1.1) (Version:  - )
Canon MX850 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX850_series) (Version:  - )
Canon MX850 series Benutzerregistrierung (HKLM\...\Canon MX850 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Cartoonist 1.3 (HKLM\...\Cartoonist_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version:  - )
Cheatbook Database 2010 (HKLM\...\Cheatbook Database 2010) (Version:  - )
ClipGrab 3.2.0.10 (HKLM\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel MediaOne (HKLM\...\{A062A15F-9CAC-4B88-98DF-87628A0BD721}) (Version: 2.100.0000 - Corel Corporation)
CorelDRAW Essential Edition 3 (HKLM\...\_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}) (Version:  - Corel Corporation)
CorelDRAW Essential Edition 3 (Version: 3.0 - Corel Corporation) Hidden
cyberJack Base Components (HKLM\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2024 - CyberLink Corp.)
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3121 - CyberLink Corp.)
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6622 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3213 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2214 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2010 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.6720 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2129 - CyberLink Corp.)
DE (Version: 3.0 - Corel Corporation) Hidden
Delta Chrome Toolbar (HKLM\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.9.1 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Plus Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 2.0.0 - DivX,Inc.)
Dropbox (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
DVBViewer Pro (HKLM\...\DVBViewer Pro_is1) (Version: 5.2.8 - CM&V)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
DVDStyler v2.2 (HKLM\...\DVDStyler_is1) (Version:  - )
eLicenser Control (HKLM\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
Eraser 6.0.7.1893 (HKLM\...\{38BA2875-D7AD-4611-ABA3-C385051ADF42}) (Version: 6.7.1893 - The Eraser Project)
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
EXIF Date Changer v2.5 (HKLM\...\{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1) (Version:  - Rellik Software)
Firebird SQL Server - MAGIX Edition (HKLM\...\{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}) (Version: 2.1.23.0 - MAGIX AG)
FormatFactory 3.1.1 (HKLM\...\FormatFactory) (Version: 3.1.1 - Free Time)
Free YouTube Download version 3.2.1.320 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.1.320 - DVDVideoSoft Ltd.)
FreeFileSync 5.11 (HKLM\...\FreeFileSync) (Version: 5.11 - Zenju)
FreeRIP v3.42 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 3.42 - MGShareware)
Frets On Fire (HKLM\...\Frets on Fire) (Version: 1.3.110-win32 - )
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version:  - )
Genesys USB Mass Storage Device (HKLM\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 2.5.0.0 - Genesys Logic)
GeoSetter 3.4.16 (HKLM\...\GeoSetter_is1) (Version:  - Friedemann Schmidt)
Google Chrome (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google-Schnellsuchfeld (HKLM\...\Quick Search Box) (Version: 1.2.1151.245 - Google, Inc.)
GPS-Track-Analyse.NET 6.0 (HKLM\...\GPS-Track-Analyse.NET 6.0_is1) (Version:  - )
G-Series_ASIO32 (HKLM\...\{8791C74C-2FFD-11E0-B2E6-00269E8DC781}) (Version: 1.1.2 - ZOOM)
HandBrake 0.10.0 (HKLM\...\HandBrake) (Version: 0.10.0 - )
Hardcopy (C:\Program Files\Hardcopy) (HKLM\...\Hardcopy(C__Program Files_Hardcopy)) (Version: 16.1.05 - )
Interlok driver setup x32 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.0 - PACE Anti-Piracy, Inc.)
IrfanView (remove only) (HKLM\...\IrfanView) (Version:  - )
iriver plus 3 (remove only) (HKLM\...\iriver plus 3) (Version:  - )
ITN Converter 1.82 (HKLM\...\ITN Converter_is1) (Version: 1.82 - Benichou Software)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 17 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170170}) (Version: 1.7.0.170 - Oracle)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kastor - Stream Recorder V 1.0 (HKLM\...\{CB84FEF6-C573-4328-B9A4-B29568A4E10E}_is1) (Version: 1.0.0.0 - KastorSoft)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
LAV Filters 0.58.1 (HKLM\...\lavfilters_is1) (Version: 0.58.1 - Hendrik Leppkes)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Lupas Rename 2000 v4.2 (HKLM\...\Lupas Rename 2000_is1) (Version:  - Ivan Anton Albarracin)
Macrium Reflect - Free Edition (HKLM\...\{EB85CC54-5E9A-4D33-B319-593B82291ABC}) (Version: 4.2.2098 - Macrium)
MAGIX Video deLuxe 2006 PLUS (D) (HKLM\...\MAGIX Video deLuxe 2006 PLUS D) (Version: 5.5.0.31 - MAGIX AG)
MAGIX Xtreme Foto Designer 6 6.0.19.0 (D) (HKLM\...\MAGIX Xtreme Foto Designer 6 D) (Version: 6.0.19.0 - MAGIX AG)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MEDION Fotos auf CD & DVD SE Nord (HKLM\...\MEDION Fotos auf CD & DVD SE Nord D) (Version: 8.0.3.4 - MAGIX AG)
Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden
MergeModule_x86 (Version: 9.0.00 - Sony Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM\...\M953297) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office Live Add-in 1.4 (HKLM\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU  (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Works 4 Converter (HKLM\...\{D18AF23E-AB28-4040-9396-28413B2C3B41}) (Version: 9.8.0000 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM\...\{172423F9-522A-483A-AD65-03600CE4CA4F}) (Version: 9.7.0000 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
MidiEditor (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\MidiEditor) (Version:  - )
MotoGP URT 3 (HKLM\...\MotoGP URT 3_is1) (Version:  - THQ)
Movie Converter (remove only) (HKLM\...\Movie Converter) (Version:  - )
MozBackup 1.4.9 (HKLM\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 12.0 (x86 de) (HKLM\...\Mozilla Firefox 12.0 (x86 de)) (Version: 12.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
Mozilla Thunderbird (3.1.11) (HKLM\...\Mozilla Thunderbird (3.1.11)) (Version: 3.1.11 (de) - Mozilla)
Mp3tag v2.41 (HKLM\...\Mp3tag) (Version: v2.41 - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\MyFreeCodec) (Version:  - )
Nitro Reader 3 (HKLM\...\{5027D37B-3677-4F16-9501-A42288EBDB31}) (Version: 3.5.2.10 - Nitro)
No23 Recorder (HKLM\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Node.js (HKLM\...\{2D41A012-35EE-4724-AE8E-E592EDD9F89D}) (Version: 0.10.13 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM\...\Notepad++) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Paragon Partition Manager™ 12 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Password Safe (HKLM\...\Password Safe) (Version:  - )
PC Connectivity Solution (HKLM\...\{4CE6B3C4-D8E2-4A5D-BEF5-5B69AF843B0C}) (Version: 9.45.0.0 - Nokia)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
PlayMemories Home (HKLM\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.0.00.09031 - Sony Corporation)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PMB_ModeEditor (Version: 9.0.00 - Sony Corporation) Hidden
PMB_ServiceUploader (Version: 9.0.00 - Sony Corporation) Hidden
Power Tab Editor 1.7 (HKLM\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
Presto! PageManager 7.15.20 (HKLM\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.20 - NewSoft Technology Corporation)
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PS3 Media Server (HKLM\...\PS3 Media Server) (Version:  - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RecordPad Sound Recorder (HKLM\...\Recordpad) (Version:  - NCH Software)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Richard Burns Rally (HKLM\...\{92C7D009-A464-4948-A980-7A3E28CB2F49}) (Version: 1.00.000 - )
Rubik's Games (HKLM\...\Rubik's Games) (Version:  - )
Samsung AllShare (HKLM\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.1.11053_99 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.0.1.11053_99 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
ScanSoft OmniPage SE 4 (HKLM\...\{66B4C110-8BEB-49B5-824E-C70AEEB20ECD}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Secret Maryo Chronicles (HKLM\...\secretmaryo) (Version: 1.9 - Florian Richter)
Secret Maryo Chronicles Music Pack (HKLM\...\secretmaryo_music) (Version: 4.1 - Florian Richter)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spotify (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
StarMoney (Version: 2.0 - StarFinanz) Hidden
StarMoney (Version: 3.0.2.50 - StarFinanz) Hidden
StarMoney (Version: 4.0.2.34 - StarFinanz) Hidden
StarMoney 8.0 S-Edition (HKLM\...\{87F3F20B-5CF8-40DA-B044-4E714E203006}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 9.0 S-Edition (HKLM\...\{95686B93-9738-4F0A-BB2A-212B6943F057}) (Version: 9.0 - Star Finanz GmbH)
StationRipper 2.93B (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\StationRipper) (Version: 2.93B - Ratajik Software)
Steinberg HALionOne (HKLM\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg Sequel 2 Trial Content (HKLM\...\{DF584D4A-2619-41BE-9515-AAB18439D393}) (Version: 2.0.0.351 - Steinberg Media Technologies GmbH)
Steinberg Sequel LE 2 (HKLM\...\{7146D087-B853-4E00-BB52-883DCE99F155}) (Version: 2.0.5 - Steinberg Media Technologies GmbH)
SUPER © Version 2010.bld.37 (Jan 2, 2010) (HKLM\...\SUPER ©) (Version: Version 2010.bld.37 (Jan 2, 2010) - eRightSoft)
Switch Sound File Converter (HKLM\...\Switch) (Version:  - NCH Software)
SyncToy 2.1 (x86) (HKLM\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft)
Telegram Desktop version 0.7.6 (HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.7.6 - Telegram Messenger LLP)
The Nomad Soul (HKLM\...\The Nomad Soul) (Version:  - )
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Titanium Studio (HKLM\...\Titanium Studio) (Version: 3.1.1 - Appcelerator, Inc.)
Tracktion (HKLM\...\Tracktion4) (Version:  - )
Update Manager (Version: 4.60 - Corel Corporation) Hidden
URL Snooper v2.27.01 (HKLM\...\URLSnooper 2_is1) (Version:  - DonationCoder.com)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
VideoPad Video Editor (HKLM\...\VideoPad) (Version:  - NCH Software)
VirtualDub Filter Pack 1.1 (HKLM\...\VirtualDub Filter Pack_is1) (Version:  - Infognition Co. Ltd.)
VIS (HKLM\...\VIS) (Version:  - ) <==== ATTENTION
VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
VSDC Free Video Editor Version 2.1.9.211 (HKLM\...\VSDC Free Video Editor_is1) (Version: 2.1.9.211 - Flash-Integro LLC)
WavePad Sound Editor (HKLM\...\WavePad) (Version:  - NCH Software)
WD Quick View (HKLM\...\{C58994CF-D15D-41E3-A03B-587B39EAA903}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{752EC2DC-0313-435A-BF9A-9B02927C049A}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.1.9 - Shark007)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{10A44844-4465-456E-8C97-80BDD4F68845}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )
XAMPP (HKLM\...\xampp) (Version: 1.8.2-2 - BitNami)
XMedia Recode 2.1.4.8 (HKLM\...\XMedia Recode) (Version: 2.1.4.8 - Sebastian Dörfler)
Zebra 3 (HKLM\...\{10D41532-9935-460A-8AC4-64E9614CB04E}) (Version: 1.0.0 - Klett Verlag GmbH)
ZOOM Edit&Share for Windows (HKLM\...\{E99B8E1C-262D-49E6-9A84-D2AC486B2648}) (Version: 5.00.0000 - ZOOM Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{0BE35200-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{0BE35201-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{0BE35202-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\RAaM2\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe No  (the data entry has 4 more characters).
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611}\InprocServer32 -> C:\Program Files\Macrium\Reflect\RShellExt.dll (Paramount Software UK Ltd)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-837243161-1062950140-3748333167-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

26-12-2014 18:10:44 Windows Update
28-12-2014 19:00:41 Windows-Sicherung
30-12-2014 12:18:15 Windows Update
13-01-2015 17:07:25 Windows Update
13-01-2015 17:14:08 Windows-Sicherung
13-01-2015 20:06:34 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
14-01-2015 11:57:22 Wiederherstellungsvorgang
14-01-2015 13:26:05 Windows Update
14-01-2015 13:29:36 Windows-Sicherung
14-01-2015 15:26:58 Wiederherstellungsvorgang
14-01-2015 15:40:05 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
14-01-2015 16:44:49 Windows Update
14-01-2015 17:20:19 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
14-01-2015 17:53:11 Windows Update
14-01-2015 18:01:36 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
14-01-2015 18:34:05 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
14-01-2015 20:25:54 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {019D783D-DB94-4694-B95A-BDC4512EAD3B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {03DAB6B5-8876-4594-A1A3-48EEE2B72CF3} - System32\Tasks\{ADCA8631-7C7D-4BB1-BD6A-164C482A8C2B} => C:\Program Files\DVD Shrink DE\DVD Shrink 3.2 DE (DeCSS-frei).exe [2005-05-31] (DVD Shrink)
Task: {0467EEA8-3E2C-4216-B86E-797865254649} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000UA => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {04C64550-C726-4A0B-85F1-00D87A127BAC} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {07A1C535-F579-4666-A22E-0AAD82E45B0D} - System32\Tasks\{33F2EBAD-215B-4165-8A6A-E311315E2C8D} => C:\Program Files\Project64 1.6\Project64.exe [2005-04-01] ()
Task: {097CD8A5-14ED-4891-BCEC-936474E43335} - System32\Tasks\{97A1201B-8983-47AD-9B48-6F1630FB36DC} => C:\Program Files\DVD Shrink DE\DVD Shrink 3.2 DE (DeCSS-frei).exe [2005-05-31] (DVD Shrink)
Task: {1556A58E-27BD-47BB-88C7-0DF0AA864353} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {15AF40CE-95C4-4B93-A65D-F693613E0605} - System32\Tasks\{CE22A2A8-0EDF-45EC-A86A-5120707C24D9} => C:\MAGIX\Video_deLuxe_2006_PLUS\VideodeLuxe.exe [2006-06-14] (MAGIX AG)
Task: {175AD2BA-364C-49A0-883A-5D26738413DA} - System32\Tasks\{F1EBC007-5A7A-46C0-83AA-F4F8C719F628} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {187E44F8-A384-4553-B51D-33EAC93F1950} - System32\Tasks\{6EC45BB9-22D7-4307-98CD-33C3AE83AE15} => C:\MAGIX\Video_deLuxe_2006_PLUS\VideodeLuxe.exe [2006-06-14] (MAGIX AG)
Task: {1AA0B8E1-901D-45B4-B043-50AB3411D839} - System32\Tasks\{AE8B22B8-ABA7-4079-B91E-C7ED7847D89B} => pcalua.exe -a "C:\Users\RAaM2\Downloads\Neuer Download\vcredist_x86.exe" -d "C:\Users\RAaM2\Downloads\Neuer Download"
Task: {1E151774-5459-4D5D-8B65-13D881C1FC83} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {2E046C9E-EFAD-452B-97B0-34D9486ABCE8} - System32\Tasks\{E7D5220E-AF6F-4269-BDEA-1586F80731D2} => C:\Program Files\DVD Shrink DE\DVD Shrink 3.2 DE (DeCSS-frei).exe [2005-05-31] (DVD Shrink)
Task: {32E625A5-7C31-44F5-8599-87949871C1D2} - System32\Tasks\{C980546F-B754-4536-AD88-3731BDCAA6D1} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {34521D69-C0E7-49D2-8056-38CB7CD8BE6E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {35A4D229-81D6-490B-B9DD-E7BAF650673A} - System32\Tasks\{9BFF994D-B78E-4038-B3CA-D7AB95F96736} => Chrome.exe hxxp://ui.skype.com/ui/0/4.2.0.187/de/go/help.faq.installer?LastError=1603
Task: {37598CF9-FB9B-4F03-AA33-9164DC30D05E} - System32\Tasks\{A24F35DC-E365-454A-B462-6A76DB3220BC} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {3FD986E6-786E-4B80-9EA4-074D462E6DF1} - System32\Tasks\{99D2A16C-528E-4968-8891-2DC280C2B5BC} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {4385C8C7-112D-4969-9000-D52CA516F06D} - System32\Tasks\{54BF46E5-AEB3-4152-BC93-F4DDFC988C94} => C:\Program Files\Kinstone Video Power\VideoPower.exe
Task: {4A58290C-3401-4598-99F9-05EFF9B3FC20} - System32\Tasks\{BA994F75-EE10-45A6-8553-3BB35005A26F} => pcalua.exe -a "C:\Users\RAaM2\Downloads\Magix Xtrme Foto Designer 6\free_xtremefotodesigner6_de.exe" -d "C:\Users\RAaM2\Downloads\Magix Xtrme Foto Designer 6"
Task: {4AAB949C-B0C1-46EE-A131-62A8C3BEA1A3} - System32\Tasks\neoKiKA 02.09.2014 23-41-00 => C:\Program Files\DVBViewer\dvbviewer.exe [2013-10-09] (CM&V Hackbart)
Task: {4B5154FA-3870-4F54-9B7B-D4054574062D} - System32\Tasks\{5F683722-6637-4ECF-B189-11AF0C95138A} => pcalua.exe -a "C:\Users\RAaM2\Downloads\StarMoney 7.0\smoney_m_4_0_25050180_3_.exe" -d "C:\Users\RAaM2\Downloads\StarMoney 7.0"
Task: {4DA7CC83-870B-49BE-9B98-0ED3A9A3B257} - System32\Tasks\{6788DE74-C5C7-4AA8-AD3C-AD68FAC5AD27} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {54D26981-1528-4631-B95F-CDCD31764F4A} - System32\Tasks\neoKiKA 02.09.2014 22-41-00 => C:\Program Files\DVBViewer\dvbviewer.exe [2013-10-09] (CM&V Hackbart)
Task: {57D6827E-A5AB-44D6-8B9C-03042011383E} - System32\Tasks\{041D8794-2E36-435B-8E2E-5723D6A2DBB8} => C:\Program Files\Project64 1.6\Project64.exe [2005-04-01] ()
Task: {5BFD0C98-B9EF-49C4-A329-9F952787F9CB} - System32\Tasks\SyncToy\SyncToy Test => C:\Program Files\SyncToy 2.1\SyncToyCmd.exe [2009-10-19] (Microsoft Corporation)
Task: {6DA33AFC-42FA-41E5-8DFE-30AA03E8C299} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {75F9A913-FAE3-4C34-B9B8-F7B4AB7AA64E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000Core => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {7877CFB3-9498-40F4-83CF-DA5CAD0528A8} - System32\Tasks\{EFF213B3-EFC7-47B4-B601-24D8FF28F00C} => C:\Program Files\Kinstone Video Power\VideoPower.exe
Task: {835B8281-6E3E-44F8-A07B-613ECB0A8E53} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {8ED58C42-D9CD-4C33-BA7A-354CB0B2DB08} - System32\Tasks\{75A926E6-8113-4921-976A-BA57A07FFA25} => C:\Program Files\TuneUp Utilities 2007\OneClickMaintenance.exe
Task: {8EDC792A-6BB3-44AB-AE2F-616658AD9D1F} - System32\Tasks\{33207D11-6CE4-494C-A47B-D989A462B709} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {92509917-9DEC-4764-B7F8-C7C1D32E3BB7} - System32\Tasks\{741A89C9-5041-425D-A583-EC9B38579736} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {92D0E115-AF42-442B-A268-0B1EC0A68487} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {996E3306-9718-45AF-B5B8-E42D3B8106DC} - System32\Tasks\{5328E27C-3F6A-4508-9A24-7F7477C46DE7} => C:\Program Files\SyncToy 2.1\SyncToy.exe [2009-10-19] (Microsoft Corporation)
Task: {9BA85ADF-9BB2-4C05-8F40-CD897CDAA8B4} - System32\Tasks\{59F6DCC7-D1CF-40F0-BD16-F97835F30AEB} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {9F3A75F0-9FFD-4B51-B36A-83C6810E4758} - System32\Tasks\{0566F81D-3AD9-4543-9C17-E5C225CBF1FF} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {A54CB527-CF9C-4059-9B3F-CC11300A4705} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {A68ADDAA-87AA-40B9-B236-0B707121213D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {A9805966-B3BC-4B6F-A9BC-E99D79201376} - System32\Tasks\{EC238D77-640F-4045-8362-6FD551440A5B} => O:\Downloads\Software\Nokia\NokiaSoftwareUpdaterSetup_de.exe
Task: {AC2C2030-1C22-4FFE-8E31-2F1CDD3890D7} - System32\Tasks\{57A35445-BA05-4EEF-A389-4C1CC734F489} => C:\Program Files\Alwil Software\Avast4\ashAvast.exe
Task: {AF9D9552-9493-498F-B489-53EB58A6EE01} - System32\Tasks\{AACF9AE8-780F-4124-9A52-F9E47B706F84} => pcalua.exe -a C:\Users\RAaM2\Downloads\HBCI-Leser_cyberjack\bc_6_8_0.exe -d C:\Users\RAaM2\Downloads\HBCI-Leser_cyberjack
Task: {B2D26877-DEF1-486E-9368-E1578292154D} - System32\Tasks\{4018C64E-26FC-479D-A92B-0A80940EEB1F} => pcalua.exe -a O:\Downloads\Software\iriver\MovieConverterSetup.exe -d O:\Downloads\Software\iriver
Task: {B6E3A24A-5456-4B92-87E2-5DE2EA1C529D} - System32\Tasks\{AC2E26C2-BFCB-4AAD-A36A-3F0137954D59} => C:\Program Files\DVD Shrink DE\DVD Shrink 3.2 DE (DeCSS-frei).exe [2005-05-31] (DVD Shrink)
Task: {C2DE5B4B-F3C1-4E66-B228-488A6F398519} - System32\Tasks\{691515F1-649F-4A3F-A132-5988A568222A} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {C3EC964F-C3CC-4E5D-B5CB-3A2326A41A5C} - System32\Tasks\1-Klick-Wartung => C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
Task: {C7ECD6AF-0789-4956-BC0C-84711A3A6241} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {C822C4B9-2629-4EC7-8D75-3463090333AD} - System32\Tasks\{4F76398C-9EB8-48A7-B9D3-2AC976C72615} => C:\Program Files\iriver\iriver plus 3\iLauncher.exe [2009-03-25] (Reigncom Limited)
Task: {C958D7E3-4B1D-4FA8-B34C-C4872FE0F67D} - System32\Tasks\{B5B8C8AE-DED2-4EA4-96E5-64DD37D8FC1E} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {D17BE0A0-47C0-4074-A3F9-ED4149F80852} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {D8220499-4D92-4B0A-A10F-AC0051DA83ED} - System32\Tasks\EPUpdater => C:\Users\RAaM2\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-04-17] () <==== ATTENTION
Task: {D85665FD-A042-4791-AD37-D40F2A292258} - System32\Tasks\{41AAA134-0CD8-489C-8FAD-75C2DF6A8A87} => C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe [2009-02-05] (Pinnacle Systems)
Task: {DAA37B1B-3FC2-4E26-8FE3-915D5E187923} - System32\Tasks\{D07541E5-CD90-43E9-A676-3456030083D3} => C:\Users\RAaM2\Downloads\Neuer Download\vcredist_x86.exe
Task: {DFD19D02-FD8C-41D5-B56A-71A55BE5EFF2} - System32\Tasks\{C9F9A88E-9DF0-4D4D-AAAE-884EADEC290D} => C:\Program Files\iriver\Movie Converter\iLauncher.exe [2007-10-11] (Reigncom Limited)
Task: {DFDFFB4D-6929-4BF5-B02A-F72267FA6572} - System32\Tasks\{42A95E58-CA2F-4FE3-9F1F-F696943BEAC4} => C:\Program Files\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {E16F5EE7-2D2D-4EFB-82FF-A54D5D3DF571} - System32\Tasks\{08E84115-1BCA-40AF-AE31-E2B23B5A72A2} => C:\Program Files\office97\Office\Office10\OUTLOOK.EXE
Task: {E97EAEAD-BA11-464D-90FF-F7B014016CEC} - System32\Tasks\{E1E276D7-7DB0-447F-B15A-0A54F5A79D20} => C:\Program Files\Project64 1.6\Project64.exe [2005-04-01] ()
Task: {EA203C2F-33C7-4CF4-A0EC-57394D5BC250} - System32\Tasks\{9361C8AD-E054-44DF-AAE7-897CA7F07BB1} => pcalua.exe -a "E:\USB Driver for Windows OS\setup.exe" -d "E:\USB Driver for Windows OS"
Task: {EBFAAAE3-7620-4FB1-A3B2-006F911E4F85} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {ED0BA1AE-8B58-478D-BE60-6A5E95451760} - System32\Tasks\{941B1359-8C05-43A3-9733-9E216AC5D07A} => pcalua.exe -a O:\Downloads\Software\iriver\iplus3.exe -d O:\Downloads\Software\iriver
Task: {EE3E4D51-DA29-45CC-AD8F-A348B89E2624} - System32\Tasks\{3AE65294-911B-4F40-8D43-6AEBC4EE35C5} => C:\Program Files\DVD Shrink DE\DVD Shrink 3.2 DE (DeCSS-frei).exe [2005-05-31] (DVD Shrink)
Task: {F44060CD-0D2A-4968-BEFE-8AFCD8F41569} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {F75B9CF0-8A4B-4483-9CE9-0F0AAF6B37FA} - System32\Tasks\{9A23B699-1021-47D6-987B-003EDE61EEB6} => C:\Program Files\Alwil Software\Avast4\ashAvast.exe
Task: {F76E6AE9-0F61-4AB8-8BCD-C686F1D49974} - System32\Tasks\{731991E4-B052-47DB-973F-1F68907C9C66} => pcalua.exe -a C:\Windows\system32\dgfw.cpl -c Digidesign Mbox 2 Pro
Task: {FCDEC0C2-CAB2-467B-BD16-2DFC79CF0FB9} - System32\Tasks\{7B768B8E-0F06-46DC-936A-8E5FFD10042D} => C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\Photoshop Album Starter Edition.exe [2007-03-16] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\1-Klick-Wartung.job => C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000Core.job => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000UA.job => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\neoKiKA 02.09.2014 22-41-00.job => C:\Program Files\DVBViewer\dvbviewer.exe
Task: C:\Windows\Tasks\neoKiKA 02.09.2014 23-41-00.job => C:\Program Files\DVBViewer\dvbviewer.exe

==================== Loaded Modules (whitelisted) =============

1996-12-14 00:00 - 1996-12-14 00:00 - 00022016 _____ () C:\Windows\system32\docobj.dll
2009-12-05 00:24 - 2005-03-28 10:13 - 00077824 _____ () C:\Windows\System32\csdlocalmon.dll
2009-12-01 20:12 - 2007-05-31 07:38 - 00167936 ____N () C:\Windows\system32\SerialXP.dll
2007-06-05 12:20 - 2007-06-05 12:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe
2009-11-12 13:50 - 2009-11-12 13:50 - 00220128 _____ () C:\Program Files\Macrium\Reflect\ReflectService.exe
2009-10-23 10:17 - 2009-07-27 14:49 - 00244904 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2013-02-06 14:52 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files\StarMoney 8.0 S-Edition\ouservice\PATCHW32.dll
2014-08-06 22:39 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files\StarMoney 9.0 S-Edition\ouservice\PATCHW32.dll
2015-01-13 20:06 - 2015-01-12 13:55 - 00091304 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe
2014-04-27 16:27 - 2014-04-27 16:27 - 00541696 _____ () C:\Program Files\002\yewimmxqbs32.exe
2014-09-25 13:07 - 2014-09-25 13:07 - 00081056 _____ () C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2009-11-29 21:26 - 2006-09-20 08:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
2010-09-05 17:12 - 2007-06-18 04:40 - 00200704 ____R () C:\Windows\System32\UMonit.exe
2010-09-05 17:12 - 2007-05-09 07:34 - 00176128 ____R () C:\Windows\System32\ustor.dll
2009-11-29 21:26 - 2006-10-30 16:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
2012-06-08 16:11 - 2012-06-08 16:11 - 01989632 _____ () C:\Program Files\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe
2014-09-25 13:07 - 2014-09-25 13:07 - 00081056 _____ () C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2015-01-01 15:24 - 2015-01-01 15:24 - 00186368 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\36165d484fa2857575583d9a4cc61840\Kies.Common.DeviceServiceLib.Interface.ni.dll
2015-01-01 15:25 - 2015-01-01 15:25 - 14993920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\afc3f45376148ce6a1ee84da499d7edb\Kies.Theme.ni.dll
2015-01-01 15:24 - 2015-01-01 15:24 - 01865728 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\ff954a7b95f33b6498d154499e393055\Kies.UI.ni.dll
2015-01-01 15:24 - 2015-01-01 15:24 - 00081920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\5157234c4b83b2a920dcc02362260903\Kies.MVVM.ni.dll
2014-10-15 17:54 - 2014-10-15 17:54 - 00236032 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6815ff93472d008087880a6462931188\ASF_cSharpAPI.ni.dll
2015-01-15 17:30 - 2015-01-15 17:30 - 00098816 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32api.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00110080 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\pywintypes27.dll
2015-01-15 17:30 - 2015-01-15 17:30 - 00364544 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\pythoncom27.dll
2015-01-15 17:30 - 2015-01-15 17:30 - 00045568 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_socket.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 01160704 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_ssl.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00320512 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32com.shell.shell.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00713216 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_hashlib.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 01175040 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._core_.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00805888 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._gdi_.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00811008 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._windows_.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 01062400 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._controls_.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00735232 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._misc_.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00128512 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_elementtree.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00127488 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\pyexpat.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00557056 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\pysqlite2._sqlite.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00087552 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_ctypes.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00119808 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32file.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00108544 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32security.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00007168 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\hashobjs_ext.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00167936 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32gui.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00018432 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32event.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00038912 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32inet.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00011264 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32crypt.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00070656 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._html2.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00027136 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\_multiprocessing.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00035840 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32process.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00686080 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\unicodedata.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00122368 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._wizard.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00024064 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32pipe.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00025600 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32pdh.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00525640 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\windows._lib_cacheinvalidation.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00010240 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\select.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00017408 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32profile.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00022528 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\win32ts.pyd
2015-01-15 17:30 - 2015-01-15 17:30 - 00078336 _____ () C:\Users\RAaM2\AppData\Local\Temp\_MEI39162\wx._animate.pyd
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-15 17:31 - 2015-01-15 17:31 - 00043008 _____ () c:\users\raam2\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9tjfpi.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-01-13 20:06 - 2015-01-13 23:12 - 51548328 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe
2015-01-13 20:06 - 2015-01-07 22:22 - 00985768 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\ffmpegsumo.dll
2015-01-13 20:06 - 2015-01-07 22:22 - 01360552 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\libglesv2.dll
2015-01-13 20:06 - 2015-01-07 22:22 - 00214184 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\libegl.dll
2015-01-13 20:06 - 2015-01-07 22:22 - 16827048 _____ () C:\Users\Default\AppData\Roaming\Compatibility Verifier\NPSWF32_15_0_0_189.dll
2014-12-12 23:18 - 2014-12-06 02:50 - 01077064 _____ () C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 23:18 - 2014-12-06 02:50 - 00211272 _____ () C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 23:18 - 2014-12-06 02:50 - 09009480 _____ () C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 23:18 - 2014-12-06 02:50 - 01677128 _____ () C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^RAaM2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupreg: Adobe Photo Downloader => "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
MSCONFIG\startupreg: AllShareAgent => C:\Program Files\Samsung\AllShare\AllShareAgent.exe
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\RAaM2\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: OpwareSE4 => "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-837243161-1062950140-3748333167-500 - Administrator - Disabled)
ASPNET (S-1-5-21-837243161-1062950140-3748333167-1002 - Limited - Enabled)
Christa (S-1-5-21-837243161-1062950140-3748333167-1007 - Administrator - Enabled) => C:\Users\Christa
Gast (S-1-5-21-837243161-1062950140-3748333167-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-837243161-1062950140-3748333167-1005 - Limited - Enabled)
RAaM2 (S-1-5-21-837243161-1062950140-3748333167-1000 - Administrator - Enabled) => C:\Users\RAaM2
Sarah (S-1-5-21-837243161-1062950140-3748333167-1006 - Administrator - Enabled) => C:\Users\Sarah

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/15/2015 08:11:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684be0
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005d032
ID des fehlerhaften Prozesses: 0xc68
Startzeit der fehlerhaften Anwendung: 0xSpfService.exe0
Pfad der fehlerhaften Anwendung: SpfService.exe1
Pfad des fehlerhaften Moduls: SpfService.exe2
Berichtskennung: SpfService.exe3

Error: (01/15/2015 05:37:15 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (01/15/2015 08:11:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/15/2015 05:41:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (01/15/2015 05:38:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (01/15/2015 05:33:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/15/2015 05:33:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (01/15/2015 05:33:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/15/2015 05:33:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (01/15/2015 05:33:02 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (01/15/2015 05:32:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2015 05:32:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.


Microsoft Office Sessions:
=========================
Error: (01/15/2015 08:11:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpfService.exe1.3.0.90904e684be0ntdll.dll6.1.7601.18247521ea91cc00000050005d032c6801d030e0dd1df540C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exeC:\Windows\SYSTEM32\ntdll.dll4517b760-9cea-11e4-b9b7-000a94176540

Error: (01/15/2015 05:37:15 PM) (Source: SamsungAllShareV2.0) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei AllShareDmsUtil.Configuration.ConfigurationManager.GetSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.LoadSharingFolderList()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.InitContentsDirectoryManager()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.Initialize()
   bei AllShareDmsUtil.Manager.AllShareDmsManager..ctor()
   bei AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance()
   bei AllShareDMS.AllShareDMS.DoStart()
   bei AllShareDMS.AllShareDMS.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/15/2015 05:32:32 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (01/15/2015 05:32:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
4700


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 72%
Total physical RAM: 3071.3 MB
Available physical RAM: 846.13 MB
Total Pagefile: 7165.59 MB
Available Pagefile: 2346.59 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.79 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:910.41 GB) (Free:756.5 GB) NTFS
Drive d: (Recover) (Fixed) (Total:20 GB) (Free:10.34 GB) NTFS
Drive e: (MyBook) (Fixed) (Total:2794.49 GB) (Free:2218.81 GB) NTFS
Drive p: (Expansion) (Fixed) (Total:465.76 GB) (Free:439.39 GB) NTFS
Drive q: (maxi n.u) (Fixed) (Total:465.76 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9E009E00)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=910.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: BA7E796E)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

========================================================
Disk: 6 (Size: 465.8 GB) (Disk ID: E5A677E1)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Ist kein gewerbliches System sondern in den Jahren gewachsen.
Ist ein relativ alter Medion.

Hallo cosinus, bist du noch da? ;-)

Alt 15.01.2015, 22:25   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



Adware/Junkware/Toolbars entfernen

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 15.01.2015, 23:29   #15
ronark
 
db22.exe wurde von Stinger gefunden aber nicht gelöscht - Standard

db22.exe wurde von Stinger gefunden aber nicht gelöscht



AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.107 - Bericht erstellt am 15/01/2015 um 22:40:41
# Aktualisiert 07/01/2015 von Xplode
# Database : 2015-01-13.2 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : RAaM2 - RAINER-PC
# Gestartet von : C:\Users\RAaM2\Desktop\AdwCleaner_4.107.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : yewimmxqbs32

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online
Ordner Gelöscht : C:\Program Files\002
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\NCH Software
Ordner Gelöscht : C:\Program Files\RrFilter
Ordner Gelöscht : C:\Program Files\VideoConverter
Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\RAaM2\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\RAaM2\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\RAaM2\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\RAaM2\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\RAaM2\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\RAaM2\AppData\Roaming\Windows Net Data
[!] Ordner Gelöscht : C:\Users\RAaM2\AppData\Roaming\Compatibility Verifier
Ordner Gelöscht : C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Online
Ordner Gelöscht : C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Ordner Gelöscht : C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd
Ordner Gelöscht : C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Datei Gelöscht : C:\Windows\system32\drivers\netfilter.sys
Datei Gelöscht : C:\Users\RAaM2\AppData\Roaming\BabMaint.exe
Datei Gelöscht : C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\bprotector web data

***** [ Tasks ] *****

Task Gelöscht : BitGuard
Task Gelöscht : EPUpdater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ClickPotatoLite@ClickPotatoLite.com]
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\MenuButtonIE.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ClickPotatoLiteAx.Info
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ClickPotatoLiteAx.Info.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ClickPotatoLiteAX.UserProfiles
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ClickPotatoLiteAX.UserProfiles.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MenuButtonIE.ButtonIE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKCU\Software\9edf8cb23cb943
Schlüssel Gelöscht : HKLM\SOFTWARE\9edf8cb23cb943
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D2083641-E57F-4EAB-BB85-0582424F4A29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4F36-8D02-8C43722EE5DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\clickpotatolitesa
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\Imesh
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\MGShareware
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Rr Savings
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\ClickPotatoLite
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : HKLM\SOFTWARE\MGShareware
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\RrSavings
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v12.0 (de)

[vs2ls8wg.default\prefs.js] - Zeile gelöscht : user_pref("extensions.enabledItems", "{3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20101113Wb1,vshare@toolbar:1.0.0,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17");
[vs2ls8wg.default\prefs.js] - Zeile gelöscht : user_pref("extensions.vshare@toolbar.update.enabled", false);

-\\ Google Chrome v

[C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1402593230&from=wpm0612&uid=ST320LT012-1DG14C_W3P2NVM1XXXXW3P2NVM1&q={searchTerms}
[C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}

-\\ Opera v0.0.0.0

[C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1402593230&from=wpm0612&uid=ST320LT012-1DG14C_W3P2NVM1XXXXW3P2NVM1&q={searchTerms}
[C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [8946 octets] - [15/01/2015 22:32:26]
AdwCleaner[S0].txt - [9112 octets] - [15/01/2015 22:40:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9172 octets] ##########
         
--- --- ---

[/CODE]JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x86
Ran by RAaM2 on 15.01.2015 at 22:57:15,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\freerip3"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"



~~~ FireFox

Successfully deleted the following from C:\Users\RAaM2\AppData\Roaming\mozilla\firefox\profiles\vs2ls8wg.default\prefs.js

user_pref("google.toolbar.button_option.cached.gtbSearchBlogs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBlogs\" t
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_CTK0Y7F4MTG6NKYH03WT-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.01.2015 at 23:00:17,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---



FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015 01
Ran by RAaM2 (administrator) on RAINER-PC on 15-01-2015 23:02:06
Running from C:\Users\RAaM2\Desktop
Loaded Profiles: RAaM2 (Available profiles: RAaM2 & Sarah & Christa & Gast)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(REINER SCT) C:\Windows\System32\cjpcsc.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\Macrium\Reflect\ReflectService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
() C:\Windows\System32\UMonit.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Google Quick Search Box] => C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [122880 2009-11-27] (Google Inc.)
HKLM\...\Run: [NetFxUpdate_v1.1.4322] => C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [106496 2004-08-10] (Microsoft)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-09-13] (CANON INC.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [UMonit] => C:\Windows\system32\UMonit.exe [200704 2007-06-18] ()
HKLM\...\Run: [BigDog303] => C:\Windows\VM303_STI.EXE [61440 2006-01-24] (Vimicro)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [WD Quick View] => C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Path] => C:\Program Files\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe [1989632 2012-06-08] ()
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2707992 2014-09-03] (Sony Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-27] (Google Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [Google Update] => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [SkyDrive] => C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1565504 2014-12-16] (Samsung)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [KiesPDLR.exe] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-12-16] (Samsung)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\MountPoints2: {46bb24e7-c704-11e2-bb50-4061864d3aa8} - F:\setup_vmb_lite.exe /checkApplicationPresence
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> DefaultScope {4128802F-8A28-42C8-A441-F464AA11DDFD} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GFRE_deDE355
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {16639E9F-A73B-4829-BF1B-C8E7FA2A33A7} URL = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {17E5117F-F86D-40CA-B89B-2C5B34D78C4B} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearch-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {2BE66F85-635A-44FC-96C2-6CF411D6FAFE} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {4128802F-8A28-42C8-A441-F464AA11DDFD} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GFRE_deDE355
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {7616FC6D-7F42-41D3-8FAA-C4F318003C6D} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {945F02B5-2F33-4B96-8841-835C510EC8C2} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {A8A65AC0-056A-4CEE-9936-3FE3098CF4EA} URL = hxxp://suche.t-online.de/fast-cgi/tsc?q={searchTerms}&sr=searchbar
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {BC87AC6A-4758-4D2A-94EC-84CD4274D282} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {BCB7F24B-F6E1-4BB1-BE9E-BF32BFE7DEA4} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&index=blended&linkCode=ur2&camp=1638&creative=6742&tag=iepluginsearch-21
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {D691082F-E5F2-40CE-8941-3106EBE25670} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {EFDAAA28-5D6C-40C3-80EF-43B71364A10F} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD3FF62E-61A7-48EE-A4A4-97CE7BD1F99D} https://eplace-eu.solvay.com/postauthACC/SodaAgent.CAB
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: @tools.google.com/Google Update;version=3 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: @tools.google.com/Google Update;version=9 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\RAaM2\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-31]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-01]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-22]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-05-27]
FF HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Profile: C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DER SPIEGEL) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpbllkmchckcndlogpofcepplhndlg [2012-11-16]
CHR Extension: (Google Drive) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (Google Cast) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-03-20]
CHR Extension: (Adblock Plus) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-01]
CHR Extension: (Kindle Cloud Reader) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnemmpobpfaichgccgcilgncfigplmol [2014-11-11]
CHR Extension: (Google-Suche) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (TuneIn: Listen to Online Radio, Music and Talk Stations) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dblgfaikinhoidnoieheigjobmlkhcjc [2013-06-30]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-05-27]
CHR Extension: (Google News) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-01-10]
CHR Extension: (Simple Google bookmarks) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobhkcpfdpfhghdmiecokllfjiemfmgm [2012-10-22]
CHR Extension: (Cut the Rope) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2012-12-31]
CHR Extension: (Dropbox) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-04-05]
CHR Extension: (SoundCloud) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2013-04-06]
CHR Extension: (Scratchpad) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjebfhglflhjjjiceimfkgicifkhjlnm [2012-11-16]
CHR Extension: (Super Mario Flash 2 Spiel) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbkkfblonehbjjkdfiejflknbokmame [2013-09-23]
CHR Extension: (Google Play) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2012-12-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-10]
CHR Extension: (Google Maps) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-01-10]
CHR Extension: (OneDrive) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2013-04-03]
CHR Extension: (LocalChromecast Player) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmladpigjlinmngadjgfogblnmddndcp [2014-03-25]
CHR Extension: (Google Wallet) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2012-11-24]
CHR Extension: (TV Movie Fernsehprogramm) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\omigcnbanchckjpihkioagdjjdhkhhdh [2013-10-05]
CHR Extension: (Wetter) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\paafljigflaodeomfbpjcggedcilkoop [2013-01-10]
CHR Extension: (Google Mail) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
CHR HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR StartMenuInternet: Google Chrome - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1155072 2009-02-03] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-04-18] (Teruten) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-03-26] (Nitro PDF Software)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [484888 2014-09-03] (Sony Corporation)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S3 PS3 Media Server; C:\Program Files\PS3 Media Server\win32\service\wrapper.exe [217088 2008-08-17] () [File not signed]
R2 ReflectService; C:\Program Files\Macrium\Reflect\ReflectService.exe [220128 2009-11-12] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2009-07-27] () [File not signed]
S2 SamsungAllShareV2.0; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-01-19] (Samsung Electronics Co., Ltd.)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [File not signed]
S3 SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S2 Verifies and fixes application compatibility issues; C:\Users\RAaM2\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz) [File not signed]
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [28144 2011-03-29] (REINER SCT)
S3 DIGIFW; C:\Windows\System32\DRIVERS\digifw.sys [167952 2010-10-23] (Avid Technology, Inc.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2013-05-23] (Logitech, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [50704 2009-10-20] (CACE Technologies, Inc.)
S3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1488096 2009-07-30] (NXP Semiconductors Germany GmbH)
S3 PSMounter; C:\Windows\system32\drivers\psmounter.sys [32736 2009-11-12] (Macrium Software)
R0 pssnap; C:\Windows\System32\DRIVERS\pssnap.sys [15328 2008-05-20] (Macrium Software)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-11-02] (Sonic Solutions) [File not signed]
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation                           )
R0 TPkd; C:\Windows\system32\Drivers\TPkd.sys [93304 2010-09-26] (PACE Anti-Piracy, Inc.)
R3 TrdCap; C:\Windows\System32\DRIVERS\TrdCap.sys [1554472 2010-06-09] (Trident Microsystems, Inc.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
S3 ZMGHPAudioSrv; C:\Windows\System32\drivers\zmghpau.sys [38016 2011-02-18] (ZOOM)
S3 ZSMC303; C:\Windows\System32\Drivers\usbVM303.sys [391300 2006-02-23] (Vimicro Corporation)
S1 muhilvre; \??\C:\Windows\system32\drivers\muhilvre.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S2 WiseFS; \??\H:\Folders\Software\WFH\Wise Folder Hider\WiseFs32.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 23:00 - 2015-01-15 23:00 - 00002551 _____ () C:\Users\RAaM2\Desktop\JRT.txt
2015-01-15 22:57 - 2015-01-15 22:57 - 00000000 ____D () C:\Windows\ERUNT
2015-01-15 22:49 - 2015-01-15 22:49 - 00000562 _____ () C:\Windows\PFRO.log
2015-01-15 22:32 - 2015-01-15 22:46 - 00000000 ____D () C:\AdwCleaner
2015-01-15 22:29 - 2015-01-15 22:28 - 02191360 _____ () C:\Users\RAaM2\Desktop\AdwCleaner_4.107.exe
2015-01-15 22:29 - 2015-01-15 22:28 - 01707939 _____ (Thisisu) C:\Users\RAaM2\Desktop\JRT.exe
2015-01-15 22:28 - 2015-01-15 22:28 - 01707939 _____ (Thisisu) C:\Users\RAaM2\Downloads\JRT.exe
2015-01-15 22:27 - 2015-01-15 22:28 - 02191360 _____ () C:\Users\RAaM2\Downloads\AdwCleaner_4.107.exe
2015-01-15 21:21 - 2015-01-15 23:02 - 00034373 _____ () C:\Users\RAaM2\Desktop\FRST.txt
2015-01-15 21:21 - 2015-01-15 21:22 - 00070384 _____ () C:\Users\RAaM2\Desktop\Addition.txt
2015-01-15 21:20 - 2015-01-15 21:09 - 01116672 _____ (Farbar) C:\Users\RAaM2\Downloads\FRST.exe
2015-01-15 21:10 - 2015-01-15 23:02 - 00000000 ____D () C:\FRST
2015-01-15 21:08 - 2015-01-15 21:09 - 01116672 _____ (Farbar) C:\Users\RAaM2\Desktop\FRST.exe
2015-01-15 18:11 - 2015-01-15 21:05 - 00001287 _____ () C:\Users\RAaM2\Downloads\Stinger_15012015_181146.html
2015-01-15 17:30 - 2015-01-15 22:49 - 00001033 _____ () C:\Windows\setupact.log
2015-01-15 17:30 - 2015-01-15 17:30 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 16:45 - 2015-01-15 14:05 - 04188536 _____ (Piriform Ltd) C:\Users\RAaM2\Downloads\ccsetup501_slim.exe
2015-01-15 16:43 - 2015-01-15 21:09 - 00000114 ___RH () C:\Users\RAaM2\Downloads\Stinger.opt
2015-01-15 13:32 - 2015-01-15 13:32 - 00014029 _____ () C:\Users\RAaM2\Downloads\hijackthis.log
2015-01-15 13:22 - 2015-01-15 13:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\RAaM2\Downloads\HiJackThis204.exe
2015-01-15 13:13 - 2015-01-15 13:13 - 00000000 ____D () C:\Quarantine
2015-01-15 13:07 - 2015-01-15 16:38 - 00001073 _____ () C:\Users\RAaM2\Downloads\Stinger_15012015_130717.html
2015-01-15 13:06 - 2015-01-15 21:09 - 00000000 ____D () C:\Program Files\stinger
2015-01-15 13:00 - 2015-01-15 13:04 - 11165552 _____ (McAfee Inc) C:\Users\RAaM2\Downloads\stinger32.exe
2015-01-14 17:28 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 17:28 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 17:27 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:27 - 2014-12-11 18:47 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:27 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:26 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 17:17 - 2015-01-15 22:49 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Compatibility Verifier
2015-01-13 20:08 - 2015-01-15 22:30 - 00000112 _____ () C:\ProgramData\W4Gisl.dat
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-13 20:06 - 2015-01-15 22:17 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Compatibility Verifier
2015-01-13 20:06 - 2015-01-15 22:17 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Compatibility Verifier
2015-01-01 18:05 - 2014-10-13 06:57 - 00184192 _____ (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-01-01 18:05 - 2014-10-13 06:57 - 00089856 _____ (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) C:\Windows\system32\Drivers\ssudbus.sys
2014-12-28 19:40 - 2014-12-28 19:40 - 00001221 _____ () C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TrayIt!.lnk
2014-12-28 19:39 - 2014-12-28 19:39 - 00000000 ____D () C:\Program Files\trayit_4_6_5_5
2014-12-28 19:35 - 2014-12-28 19:35 - 00000000 ____D () C:\Users\RAaM2\Downloads\nw_7668_trayitzip
2014-12-28 19:33 - 2014-12-28 19:33 - 00335253 _____ () C:\Users\RAaM2\Downloads\nw_7668_trayitzip.zip
2014-12-19 15:21 - 2014-12-19 15:21 - 04330507 _____ () C:\Users\RAaM2\Downloads\Tip0000-Download-Paket-Demo.zip
2014-12-18 12:05 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 23:00 - 2009-07-14 05:34 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 23:00 - 2009-07-14 05:34 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 22:51 - 2013-04-05 19:39 - 00000000 ___RD () C:\Users\RAaM2\Dropbox
2015-01-15 22:51 - 2013-04-05 19:34 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Dropbox
2015-01-15 22:51 - 2013-04-03 15:10 - 00000000 ___RD () C:\Users\RAaM2\SkyDrive
2015-01-15 22:50 - 2014-07-14 18:35 - 00008192 _____ () C:\Windows\system32\WDPABKP.dat
2015-01-15 22:50 - 2013-01-26 20:32 - 00000000 ___RD () C:\Users\RAaM2\Google Drive
2015-01-15 22:50 - 2010-02-15 22:55 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 22:49 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 22:48 - 2009-11-27 21:31 - 01107954 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 22:41 - 2013-04-10 10:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-01-15 22:36 - 2013-10-04 16:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 22:36 - 2010-02-15 22:55 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 22:15 - 2011-07-22 21:58 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000UA.job
2015-01-15 21:11 - 2014-01-02 12:16 - 00000000 ____D () C:\Program Files\StarMoney 9.0 S-Edition
2015-01-15 17:14 - 2010-05-09 20:30 - 00000000 ____D () C:\Windows\Minidump
2015-01-15 17:11 - 2013-08-15 23:30 - 00000000 ____D () C:\Users\RAaM2\Desktop\Tools
2015-01-15 16:47 - 2014-01-29 13:10 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-15 12:15 - 2011-07-22 21:58 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000Core.job
2015-01-14 18:36 - 2012-10-24 17:25 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-14 18:36 - 2011-05-16 12:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-14 17:12 - 2013-08-15 23:45 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 16:45 - 2009-09-24 16:13 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 15:36 - 2009-11-27 21:31 - 00000000 ____D () C:\Users\RAaM2
2015-01-14 15:36 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-01-14 15:34 - 2014-10-10 17:19 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Telegram Win (Unofficial)
2015-01-14 15:34 - 2013-08-15 23:28 - 00000000 ____D () C:\Users\RAaM2\Desktop\Handy
2015-01-14 15:34 - 2013-07-03 14:56 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-14 15:34 - 2012-03-10 15:38 - 00000000 ____D () C:\Users\Sarah
2015-01-14 15:34 - 2010-10-24 13:21 - 00000000 ____D () C:\Users\Christa
2015-01-14 15:34 - 2010-07-10 16:42 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-01-14 15:34 - 2010-01-16 12:23 - 00000000 ____D () C:\Users\Gast
2015-01-14 15:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-14 15:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2015-01-14 15:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-13 22:45 - 2009-09-24 15:43 - 01649492 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-02 17:15 - 2009-12-05 20:19 - 00000404 _____ () C:\Windows\Tasks\1-Klick-Wartung.job
2015-01-01 14:41 - 2013-11-12 23:15 - 00000000 ____D () C:\Users\RAaM2\Documents\SelfMV
2014-12-31 12:13 - 2009-10-05 17:03 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-23 19:41 - 2012-08-03 16:13 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Skype
2014-12-22 21:22 - 2014-10-22 14:02 - 00000000 ___RD () C:\Program Files\Skype
2014-12-22 21:22 - 2012-08-03 16:13 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 15:25 - 2009-12-05 01:01 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\vlc
2014-12-17 21:27 - 2009-12-02 23:08 - 00002648 _____ () C:\Users\RAaM2\AppData\Roaming\wklnhst.dat
2014-12-17 17:45 - 2013-04-05 19:36 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Files to move or delete:
====================
C:\ProgramData\W4Gisl.dat


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\{7815BC09-5CB0-49E5-B205-E2E29FD09BC9}-21.0.1180.60_chrome_installer.exe
C:\Users\RAaM2\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpawoxya.dll
C:\Users\RAaM2\AppData\Local\Temp\Quarantine.exe
C:\Users\RAaM2\AppData\Local\Temp\repair4.exe
C:\Users\RAaM2\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-31 09:04

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015 01
Ran by RAaM2 (administrator) on RAINER-PC on 15-01-2015 23:02:06
Running from C:\Users\RAaM2\Desktop
Loaded Profiles: RAaM2 (Available profiles: RAaM2 & Sarah & Christa & Gast)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(REINER SCT) C:\Windows\System32\cjpcsc.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\Macrium\Reflect\ReflectService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
() C:\Windows\System32\UMonit.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Google Quick Search Box] => C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [122880 2009-11-27] (Google Inc.)
HKLM\...\Run: [NetFxUpdate_v1.1.4322] => C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [106496 2004-08-10] (Microsoft)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-09-13] (CANON INC.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [UMonit] => C:\Windows\system32\UMonit.exe [200704 2007-06-18] ()
HKLM\...\Run: [BigDog303] => C:\Windows\VM303_STI.EXE [61440 2006-01-24] (Vimicro)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [WD Quick View] => C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Path] => C:\Program Files\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe [1989632 2012-06-08] ()
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2707992 2014-09-03] (Sony Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-27] (Google Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [Google Update] => C:\Users\RAaM2\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [SkyDrive] => C:\Users\RAaM2\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1565504 2014-12-16] (Samsung)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [KiesPDLR.exe] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-12-16] (Samsung)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\MountPoints2: {46bb24e7-c704-11e2-bb50-4061864d3aa8} - F:\setup_vmb_lite.exe /checkApplicationPresence
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\RAaM2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
HKU\S-1-5-21-837243161-1062950140-3748333167-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> DefaultScope {4128802F-8A28-42C8-A441-F464AA11DDFD} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GFRE_deDE355
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {16639E9F-A73B-4829-BF1B-C8E7FA2A33A7} URL = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {17E5117F-F86D-40CA-B89B-2C5B34D78C4B} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearch-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {2BE66F85-635A-44FC-96C2-6CF411D6FAFE} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {4128802F-8A28-42C8-A441-F464AA11DDFD} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GFRE_deDE355
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {7616FC6D-7F42-41D3-8FAA-C4F318003C6D} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {945F02B5-2F33-4B96-8841-835C510EC8C2} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {A8A65AC0-056A-4CEE-9936-3FE3098CF4EA} URL = hxxp://suche.t-online.de/fast-cgi/tsc?q={searchTerms}&sr=searchbar
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {BC87AC6A-4758-4D2A-94EC-84CD4274D282} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {BCB7F24B-F6E1-4BB1-BE9E-BF32BFE7DEA4} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&index=blended&linkCode=ur2&camp=1638&creative=6742&tag=iepluginsearch-21
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {D691082F-E5F2-40CE-8941-3106EBE25670} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> {EFDAAA28-5D6C-40C3-80EF-43B71364A10F} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&tag=iesearchde-21&index=blended&linkCode=qs&camp=1789&creative=9325&keywords={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-837243161-1062950140-3748333167-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD3FF62E-61A7-48EE-A4A4-97CE7BD1F99D} https://eplace-eu.solvay.com/postauthACC/SodaAgent.CAB
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\RAaM2\AppData\Roaming\Mozilla\Firefox\Profiles\vs2ls8wg.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: @tools.google.com/Google Update;version=3 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: @tools.google.com/Google Update;version=9 -> C:\Users\RAaM2\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-837243161-1062950140-3748333167-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\RAaM2\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-31]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-01]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-22]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-05-27]
FF HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Profile: C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DER SPIEGEL) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpbllkmchckcndlogpofcepplhndlg [2012-11-16]
CHR Extension: (Google Drive) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (Google Cast) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-03-20]
CHR Extension: (Adblock Plus) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-01]
CHR Extension: (Kindle Cloud Reader) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnemmpobpfaichgccgcilgncfigplmol [2014-11-11]
CHR Extension: (Google-Suche) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (TuneIn: Listen to Online Radio, Music and Talk Stations) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dblgfaikinhoidnoieheigjobmlkhcjc [2013-06-30]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-05-27]
CHR Extension: (Google News) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-01-10]
CHR Extension: (Simple Google bookmarks) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dobhkcpfdpfhghdmiecokllfjiemfmgm [2012-10-22]
CHR Extension: (Cut the Rope) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2012-12-31]
CHR Extension: (Dropbox) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-04-05]
CHR Extension: (SoundCloud) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2013-04-06]
CHR Extension: (Scratchpad) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjebfhglflhjjjiceimfkgicifkhjlnm [2012-11-16]
CHR Extension: (Super Mario Flash 2 Spiel) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\knbkkfblonehbjjkdfiejflknbokmame [2013-09-23]
CHR Extension: (Google Play) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2012-12-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-10]
CHR Extension: (Google Maps) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-01-10]
CHR Extension: (OneDrive) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2013-04-03]
CHR Extension: (LocalChromecast Player) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmladpigjlinmngadjgfogblnmddndcp [2014-03-25]
CHR Extension: (Google Wallet) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2012-11-24]
CHR Extension: (TV Movie Fernsehprogramm) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\omigcnbanchckjpihkioagdjjdhkhhdh [2013-10-05]
CHR Extension: (Wetter) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\paafljigflaodeomfbpjcggedcilkoop [2013-01-10]
CHR Extension: (Google Mail) - C:\Users\RAaM2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
CHR HKU\S-1-5-21-837243161-1062950140-3748333167-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR StartMenuInternet: Google Chrome - C:\Users\RAaM2\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1155072 2009-02-03] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-04-18] (Teruten) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-03-26] (Nitro PDF Software)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [484888 2014-09-03] (Sony Corporation)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
S3 PS3 Media Server; C:\Program Files\PS3 Media Server\win32\service\wrapper.exe [217088 2008-08-17] () [File not signed]
R2 ReflectService; C:\Program Files\Macrium\Reflect\ReflectService.exe [220128 2009-11-12] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2009-07-27] () [File not signed]
S2 SamsungAllShareV2.0; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-01-19] (Samsung Electronics Co., Ltd.)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [657408 2009-10-27] (Nokia) [File not signed]
S3 SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S2 Verifies and fixes application compatibility issues; C:\Users\RAaM2\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz) [File not signed]
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [28144 2011-03-29] (REINER SCT)
S3 DIGIFW; C:\Windows\System32\DRIVERS\digifw.sys [167952 2010-10-23] (Avid Technology, Inc.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28312 2013-05-23] (Logitech, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [50704 2009-10-20] (CACE Technologies, Inc.)
S3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1488096 2009-07-30] (NXP Semiconductors Germany GmbH)
S3 PSMounter; C:\Windows\system32\drivers\psmounter.sys [32736 2009-11-12] (Macrium Software)
R0 pssnap; C:\Windows\System32\DRIVERS\pssnap.sys [15328 2008-05-20] (Macrium Software)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-11-02] (Sonic Solutions) [File not signed]
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation                           )
R0 TPkd; C:\Windows\system32\Drivers\TPkd.sys [93304 2010-09-26] (PACE Anti-Piracy, Inc.)
R3 TrdCap; C:\Windows\System32\DRIVERS\TrdCap.sys [1554472 2010-06-09] (Trident Microsystems, Inc.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
S3 ZMGHPAudioSrv; C:\Windows\System32\drivers\zmghpau.sys [38016 2011-02-18] (ZOOM)
S3 ZSMC303; C:\Windows\System32\Drivers\usbVM303.sys [391300 2006-02-23] (Vimicro Corporation)
S1 muhilvre; \??\C:\Windows\system32\drivers\muhilvre.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S2 WiseFS; \??\H:\Folders\Software\WFH\Wise Folder Hider\WiseFs32.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 23:00 - 2015-01-15 23:00 - 00002551 _____ () C:\Users\RAaM2\Desktop\JRT.txt
2015-01-15 22:57 - 2015-01-15 22:57 - 00000000 ____D () C:\Windows\ERUNT
2015-01-15 22:49 - 2015-01-15 22:49 - 00000562 _____ () C:\Windows\PFRO.log
2015-01-15 22:32 - 2015-01-15 22:46 - 00000000 ____D () C:\AdwCleaner
2015-01-15 22:29 - 2015-01-15 22:28 - 02191360 _____ () C:\Users\RAaM2\Desktop\AdwCleaner_4.107.exe
2015-01-15 22:29 - 2015-01-15 22:28 - 01707939 _____ (Thisisu) C:\Users\RAaM2\Desktop\JRT.exe
2015-01-15 22:28 - 2015-01-15 22:28 - 01707939 _____ (Thisisu) C:\Users\RAaM2\Downloads\JRT.exe
2015-01-15 22:27 - 2015-01-15 22:28 - 02191360 _____ () C:\Users\RAaM2\Downloads\AdwCleaner_4.107.exe
2015-01-15 21:21 - 2015-01-15 23:02 - 00034373 _____ () C:\Users\RAaM2\Desktop\FRST.txt
2015-01-15 21:21 - 2015-01-15 21:22 - 00070384 _____ () C:\Users\RAaM2\Desktop\Addition.txt
2015-01-15 21:20 - 2015-01-15 21:09 - 01116672 _____ (Farbar) C:\Users\RAaM2\Downloads\FRST.exe
2015-01-15 21:10 - 2015-01-15 23:02 - 00000000 ____D () C:\FRST
2015-01-15 21:08 - 2015-01-15 21:09 - 01116672 _____ (Farbar) C:\Users\RAaM2\Desktop\FRST.exe
2015-01-15 18:11 - 2015-01-15 21:05 - 00001287 _____ () C:\Users\RAaM2\Downloads\Stinger_15012015_181146.html
2015-01-15 17:30 - 2015-01-15 22:49 - 00001033 _____ () C:\Windows\setupact.log
2015-01-15 17:30 - 2015-01-15 17:30 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 16:45 - 2015-01-15 14:05 - 04188536 _____ (Piriform Ltd) C:\Users\RAaM2\Downloads\ccsetup501_slim.exe
2015-01-15 16:43 - 2015-01-15 21:09 - 00000114 ___RH () C:\Users\RAaM2\Downloads\Stinger.opt
2015-01-15 13:32 - 2015-01-15 13:32 - 00014029 _____ () C:\Users\RAaM2\Downloads\hijackthis.log
2015-01-15 13:22 - 2015-01-15 13:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\RAaM2\Downloads\HiJackThis204.exe
2015-01-15 13:13 - 2015-01-15 13:13 - 00000000 ____D () C:\Quarantine
2015-01-15 13:07 - 2015-01-15 16:38 - 00001073 _____ () C:\Users\RAaM2\Downloads\Stinger_15012015_130717.html
2015-01-15 13:06 - 2015-01-15 21:09 - 00000000 ____D () C:\Program Files\stinger
2015-01-15 13:00 - 2015-01-15 13:04 - 11165552 _____ (McAfee Inc) C:\Users\RAaM2\Downloads\stinger32.exe
2015-01-14 17:28 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 17:28 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 17:27 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:27 - 2014-12-11 18:47 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:27 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:26 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 17:17 - 2015-01-15 22:49 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Compatibility Verifier
2015-01-13 20:08 - 2015-01-15 22:30 - 00000112 _____ () C:\ProgramData\W4Gisl.dat
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-13 20:08 - 2015-01-13 20:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-13 20:06 - 2015-01-15 22:17 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Compatibility Verifier
2015-01-13 20:06 - 2015-01-15 22:17 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Compatibility Verifier
2015-01-01 18:05 - 2014-10-13 06:57 - 00184192 _____ (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-01-01 18:05 - 2014-10-13 06:57 - 00089856 _____ (DEVGURU Co., LTD.(???? | ????? ???? ?????.)) C:\Windows\system32\Drivers\ssudbus.sys
2014-12-28 19:40 - 2014-12-28 19:40 - 00001221 _____ () C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TrayIt!.lnk
2014-12-28 19:39 - 2014-12-28 19:39 - 00000000 ____D () C:\Program Files\trayit_4_6_5_5
2014-12-28 19:35 - 2014-12-28 19:35 - 00000000 ____D () C:\Users\RAaM2\Downloads\nw_7668_trayitzip
2014-12-28 19:33 - 2014-12-28 19:33 - 00335253 _____ () C:\Users\RAaM2\Downloads\nw_7668_trayitzip.zip
2014-12-19 15:21 - 2014-12-19 15:21 - 04330507 _____ () C:\Users\RAaM2\Downloads\Tip0000-Download-Paket-Demo.zip
2014-12-18 12:05 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 23:00 - 2009-07-14 05:34 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 23:00 - 2009-07-14 05:34 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 22:51 - 2013-04-05 19:39 - 00000000 ___RD () C:\Users\RAaM2\Dropbox
2015-01-15 22:51 - 2013-04-05 19:34 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Dropbox
2015-01-15 22:51 - 2013-04-03 15:10 - 00000000 ___RD () C:\Users\RAaM2\SkyDrive
2015-01-15 22:50 - 2014-07-14 18:35 - 00008192 _____ () C:\Windows\system32\WDPABKP.dat
2015-01-15 22:50 - 2013-01-26 20:32 - 00000000 ___RD () C:\Users\RAaM2\Google Drive
2015-01-15 22:50 - 2010-02-15 22:55 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 22:49 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 22:48 - 2009-11-27 21:31 - 01107954 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 22:41 - 2013-04-10 10:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-01-15 22:36 - 2013-10-04 16:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 22:36 - 2010-02-15 22:55 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 22:15 - 2011-07-22 21:58 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000UA.job
2015-01-15 21:11 - 2014-01-02 12:16 - 00000000 ____D () C:\Program Files\StarMoney 9.0 S-Edition
2015-01-15 17:14 - 2010-05-09 20:30 - 00000000 ____D () C:\Windows\Minidump
2015-01-15 17:11 - 2013-08-15 23:30 - 00000000 ____D () C:\Users\RAaM2\Desktop\Tools
2015-01-15 16:47 - 2014-01-29 13:10 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-15 12:15 - 2011-07-22 21:58 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-837243161-1062950140-3748333167-1000Core.job
2015-01-14 18:36 - 2012-10-24 17:25 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-14 18:36 - 2011-05-16 12:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-14 17:12 - 2013-08-15 23:45 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 16:45 - 2009-09-24 16:13 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 15:36 - 2009-11-27 21:31 - 00000000 ____D () C:\Users\RAaM2
2015-01-14 15:36 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-01-14 15:34 - 2014-10-10 17:19 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Telegram Win (Unofficial)
2015-01-14 15:34 - 2013-08-15 23:28 - 00000000 ____D () C:\Users\RAaM2\Desktop\Handy
2015-01-14 15:34 - 2013-07-03 14:56 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-14 15:34 - 2012-03-10 15:38 - 00000000 ____D () C:\Users\Sarah
2015-01-14 15:34 - 2010-10-24 13:21 - 00000000 ____D () C:\Users\Christa
2015-01-14 15:34 - 2010-07-10 16:42 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-01-14 15:34 - 2010-01-16 12:23 - 00000000 ____D () C:\Users\Gast
2015-01-14 15:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-14 15:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2015-01-14 15:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-13 22:45 - 2009-09-24 15:43 - 01649492 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-02 17:15 - 2009-12-05 20:19 - 00000404 _____ () C:\Windows\Tasks\1-Klick-Wartung.job
2015-01-01 14:41 - 2013-11-12 23:15 - 00000000 ____D () C:\Users\RAaM2\Documents\SelfMV
2014-12-31 12:13 - 2009-10-05 17:03 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-23 19:41 - 2012-08-03 16:13 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Skype
2014-12-22 21:22 - 2014-10-22 14:02 - 00000000 ___RD () C:\Program Files\Skype
2014-12-22 21:22 - 2012-08-03 16:13 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 15:25 - 2009-12-05 01:01 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\vlc
2014-12-17 21:27 - 2009-12-02 23:08 - 00002648 _____ () C:\Users\RAaM2\AppData\Roaming\wklnhst.dat
2014-12-17 17:45 - 2013-04-05 19:36 - 00000000 ____D () C:\Users\RAaM2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Files to move or delete:
====================
C:\ProgramData\W4Gisl.dat


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\{7815BC09-5CB0-49E5-B205-E2E29FD09BC9}-21.0.1180.60_chrome_installer.exe
C:\Users\RAaM2\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpawoxya.dll
C:\Users\RAaM2\AppData\Local\Temp\Quarantine.exe
C:\Users\RAaM2\AppData\Local\Temp\repair4.exe
C:\Users\RAaM2\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-31 09:04

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Sorry, FRST hab ich zweimal hochgeladen. Eure Board Software sagte dass ich nur alle 40 Sek eine Antwort schicken kann. Da hab ich's nochmal geschickt.

Hey cosinus. Ist jetzt alles ok? Dann würde ich den PC nochmal neu starten.
Und wie kann ich feststellen ob db22.exe noch aktiv ist?

Erstmal vielen Dank zwischendurch!!!

Antwort

Themen zu db22.exe wurde von Stinger gefunden aber nicht gelöscht
abgespielt, anwendung, c:\windows, c:\windows\temp, datei, db22.exe, einfach, gefunde, gelöscht, hintergrund, lautsprecher, löschen, mcaffee, musik, neu, rechner, richtig, schlau, stinger, temp, thread, troja, trojaner, vermute, windows, windows\temp




Ähnliche Themen: db22.exe wurde von Stinger gefunden aber nicht gelöscht


  1. db22.exe festgestellt. Virus lässt sich nicht entfernen.
    Plagegeister aller Art und deren Bekämpfung - 26.01.2015 (14)
  2. db22.exe kann nicht entfernt werden
    Plagegeister aller Art und deren Bekämpfung - 19.01.2015 (9)
  3. SpeedChecker gefunden - gelöscht, taucht aber immer wieder auf
    Plagegeister aller Art und deren Bekämpfung - 16.09.2014 (13)
  4. Immer Ärger mit dem Anwalt- .zip Datei gespeichert, aber nicht entpackt und dann gelöscht
    Plagegeister aller Art und deren Bekämpfung - 15.04.2014 (24)
  5. 4 Trojaner gefunden durch Mc Afee stinger
    Plagegeister aller Art und deren Bekämpfung - 25.01.2014 (1)
  6. Trojaner und Malware gefunden, wurden gelöscht, Pc-Probleme sind aber noch da
    Plagegeister aller Art und deren Bekämpfung - 06.09.2013 (18)
  7. PUM.UserWload gefunden, kann aber nicht gelöscht werden
    Log-Analyse und Auswertung - 09.06.2013 (22)
  8. Trojaner gelöscht aber wohl nicht ganz
    Log-Analyse und Auswertung - 09.02.2013 (12)
  9. Trojaner gefunden & gelöscht, aber problem immernoch da!
    Plagegeister aller Art und deren Bekämpfung - 13.01.2012 (40)
  10. deskaubd.dll wurde nicht gefunden, festplattenmeldungen, desktop gelöscht!
    Plagegeister aller Art und deren Bekämpfung - 22.04.2011 (43)
  11. Laufwerk C ist unsichtbar aber nicht gelöscht.
    Alles rund um Windows - 23.03.2011 (3)
  12. nach der Installation von XoftSpySE wurde ein Keylogger (stealth 4.0) gefunden und gelöscht
    Log-Analyse und Auswertung - 28.10.2010 (1)
  13. malewarebytes benutzt+ alles von antimareware doc gelöscht; aber es ist nicht weg
    Antiviren-, Firewall- und andere Schutzprogramme - 04.09.2010 (4)
  14. Trojaner wurde gefunden und gelöscht, ist mein HijackThis log ok?
    Plagegeister aller Art und deren Bekämpfung - 06.11.2009 (1)
  15. Avast4 und Stinger finden nichts aber ständig infizierte Temp Dateien
    Log-Analyse und Auswertung - 08.07.2008 (3)
  16. Trojaner,"Kann nicht gelöscht werden: Die angegebene Datei wurde nicht gefunden."
    Plagegeister aller Art und deren Bekämpfung - 17.06.2008 (12)
  17. DSO Exploid mit sybot serch&destroy gefunden. bekomme es aber nicht gelöscht
    Plagegeister aller Art und deren Bekämpfung - 01.02.2005 (2)

Zum Thema db22.exe wurde von Stinger gefunden aber nicht gelöscht - Hallo, bin neu hier. Auf meinem Rechner wurde eine Datei db22.exe gefunden und von McAffee als Trojaner eingestuft. Die Datei wurde aber nicht gelöscht. Kann ich die einfach so löschen? - db22.exe wurde von Stinger gefunden aber nicht gelöscht...
Archiv
Du betrachtest: db22.exe wurde von Stinger gefunden aber nicht gelöscht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.