Pests of all kinds and how to fight them: Virus/viruses, e.g. SmartSaver, caught | Windows 7
28.04.2015, 13:57 | #61 |
/// the machine /// TB trainer | Virus/viruses, e.g. SmartSaver, caught

Yes, that is exactly the kind of download I mean. PC Mechanic is a) junk and b) an adware slinger. The errors are from the Event Viewer, which is always full of error messages.

ESET Online Scanner

Please download SecurityCheck and:

and a fresh FRST log, please. Any problems left?

__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
29.04.2015, 15:45 | #62 |
| Virus/viruses, e.g. SmartSaver, caught

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3d83703d8e9a2b42adc31e9054d2558f
# engine=23603
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-28 09:43:15
# local_time=2015-04-28 11:43:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776573 100 100 18842 267790123 0 0
# scanned=260418
# found=4
# cleaned=4
# scan_time=16980
sh=AB3B3853CD7E8C655F1FA74AD583D08CDB06F114 ft=1 fh=69c9688eb3132994 vn="Win32/UniBlue.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe.vir"
sh=3BEE248BC20A32EB4B1BC508FBE84068F21770A6 ft=1 fh=098424b81a118044 vn="Win32/UniBlue.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Uniblue\PC-Mechanic\thirdpartyinstaller.exe.vir"
sh=14DA2E4E7F53132896287BB58184CAAEC5D10D25 ft=1 fh=1bec1ab865c11ba7 vn="Win32/UniBlue.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\*****-***** 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TV91NK4O\pcmechanicpm-standalone-setup[1].exe"
sh=14DA2E4E7F53132896287BB58184CAAEC5D10D25 ft=1 fh=1bec1ab865c11ba7 vn="Win32/UniBlue.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\*****-***** 2\AppData\Local\temp\is-KQLRI.tmp\pm-standalone-setup.exe"

Code:
Results of screen317's Security Check version 1.00
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SUPERAntiSpyware
Secunia PSI (2.0.0.4002)
Java 8 Update 31
Java 8 Update 40
Adobe Flash Player 17.0.0.134
Mozilla Firefox (37.0.2)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-04-2015
Ran by *****-***** 2 (administrator) on ***** on 29-04-2015 16:36:33
Running from c:\Users\*****-*****\Downloads\FRST-OlderVersion
Loaded Profiles: *****-***** & *****-***** 2 (Available profiles: *****-***** & *****-***** 2)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
() C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
( ) C:\Windows\System32\lxeacoms.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
() C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
() C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
() C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Akamai Technologies, Inc.) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe
() C:\Users\*****-*****\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation) C:\Users\*****-*****\AppData\Local\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Akamai Technologies, Inc.) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Google) C:\Program Files\Google\Google Earth\client\googleearth.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [lxeamon.exe] => C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe [770728 2010-01-18] ()
HKLM\...\Run: [EzPrint] => C:\Program Files\Lexmark S300-S400 Series\ezprint.exe [139944 2010-01-18] ()
HKLM\...\Run: [UVS10 Preload] => C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-08] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM\...\RunOnce: [{D2C5E510-BE6D-42CC-9F61-E4F939078474}] => C:\Windows\system32\cmd.exe /c rmdir /q /s "C:\Program Files\Lexmark Printable Web"
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [217088 2009-04-11] (Microsoft Corporation)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04] (SUPERAntiSpyware.com)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2007-07-12] (Sony Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [3905920 2012-06-05] (SUPERAntiSpyware.com)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Akamai NetSession Interface] => C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Amazon Cloud Player] => C:\Users\*****-*****\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [EPSON SX430 Series (Kopie 1)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [212480 2012-05-18] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [EPSON Stylus DX8400 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [182272 2007-04-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[S0].txt [1747 2015-04-27] ()
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk [2007-07-20]
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-02-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012-05-16]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2008-02-26]
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (No File)
Startup: C:\Users\*****-*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2014-05-18]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Startup: C:\Users\*****-*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-12-14]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://vosteran.com/?f=1&a=vst_ir_15_05&cd=2XzuyEtN2Y1L1QzuyDyEyEtByEzyyCyByCyCyDzyyD0BtCzytN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFyBtFtCtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2SyB0E0EyCyE0DyE0EtGtAzy0AzztG0AtCzztCtGyCtAtC0AtGyCyEyDtDtC0AtB0C0Fzz0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtA0E0F0AyC0CzztGyDtAzzyCtGyEyD0D0CtGzyzzyCtAtGyDtD0Bzyzz0EzzyCzzyByEtD2Q&cr=1074813290&ir=
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.club-vaio.com hxxp://partnerpage.google.com/eu.sony.com/de hxxp://www.club-vaio.com/vbc
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {399AFF92-3607-4429-B2E3-99BECE8D2374} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {53DBFD01-FF03-4A5F-8F4B-7BF8E909A975} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {C4802B53-BBDC-409E-B3EF-57C0B6708018} URL = hxxp://adfarm.mediaplex.com/ad/ck/707-1403-18840-0?mpro=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {E6BFE530-DE68-4D85-A111-513CA45EFAF0} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-28] (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-28] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
DPF: {00000161-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/msaud.cab
DPF: {33564D57-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-01-25] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\*****-***** 2\AppData\Roaming\Mozilla\Firefox\Profiles\4qlxy2p6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-28] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [2007-07-13] (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-16] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-3850073437-3280287025-709413035-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\*****-*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-09] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2009-06-04] (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml [2010-06-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-14]
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012-12-12]
FF HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Firefox\Extensions: [{D250ED92-1791-42C4-B441-E90BF89B9BEF}] - C:\Users\*****-*****\AppData\Local\{D250ED92-1791-42C4-B441-E90BF89B9BEF}
FF Extension: XULRunner - C:\Users\*****-*****\AppData\Local\{D250ED92-1791-42C4-B441-E90BF89B9BEF} [2011-04-02]
FF HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-12] (SUPERAntiSpyware.com) [File not signed]
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdobeActiveFileMonitor5.0; C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712 2006-12-22] ()
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [815352 2015-04-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [434424 2015-04-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1004032 2015-04-08] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe [443752 2008-08-18] (DisplayLink Corp.)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S4 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [74752 2011-12-30] (Freemake) [File not signed]
S4 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-26] (Google)
S2 gupdate1ca0ac0f00c0a80; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeaserv.exe [193192 2010-04-14] (Lexmark International, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [598696 2010-01-07] ( )
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S4 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
S4 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
R2 Radio.fx; C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [994360 2011-07-29] (Secunia)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
R2 STacSV; C:\Windows\system32\stacsv.exe [94208 2007-06-13] (SigmaTel, Inc.)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-06-28] (Sony Corporation) [File not signed]
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182392 2007-07-12] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [499712 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation) [File not signed]
R2 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [292152 2007-07-05] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation) [File not signed]
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2007-08-28] (Sony Corporation) [File not signed]
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [131072 2007-08-28] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 dlkmd; C:\Windows\system32\drivers\dlkmd.sys [287856 2008-08-18] (DisplayLink Corp.)
R0 dlkmdldr; C:\Windows\System32\drivers\dlkmdldr.sys [13424 2008-08-18] (DisplayLink Corp.)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25624 2009-04-30] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-03-14] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
S3 s3017bus; C:\Windows\System32\DRIVERS\s3017bus.sys [83880 2007-12-10] (MCCI Corporation)
S3 s3017mdfl; C:\Windows\System32\DRIVERS\s3017mdfl.sys [15016 2007-12-10] (MCCI Corporation)
S3 s3017mdm; C:\Windows\System32\DRIVERS\s3017mdm.sys [110632 2007-12-10] (MCCI Corporation)
S3 s3017mgmt; C:\Windows\System32\DRIVERS\s3017mgmt.sys [104616 2007-12-10] (MCCI Corporation)
S3 s3017nd5; C:\Windows\System32\DRIVERS\s3017nd5.sys [25512 2007-12-10] (MCCI Corporation)
S3 s3017obex; C:\Windows\System32\DRIVERS\s3017obex.sys [100648 2007-12-10] (MCCI Corporation)
S3 s3017unic; C:\Windows\System32\DRIVERS\s3017unic.sys [110120 2007-12-10] (MCCI Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-06-13] (SigmaTel, Inc.)
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [468096 2007-11-15] (Syntek)
R3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-06] (Texas Instruments)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\*****-~2\AppData\Local\Temp\catchme.sys [X]
S3 dsltestSp5; System32\Drivers\dsltestSp5.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-29 16:21 - 2015-04-29 16:22 - 00852616 _____ () C:\Users\*****-*****\Desktop\SecurityCheck(3).exe 2015-04-28 23:48 - 2015-04-28 23:48 - 00852616 _____ () C:\Users\*****-*****\Downloads\SecurityCheck(2).exe 2015-04-28 23:46 - 2015-04-28 23:47 - 00852616 _____ () C:\Users\*****-*****\Downloads\SecurityCheck(1).exe 2015-04-28 18:52 - 2015-04-28 18:53 - 02347384 _____ (ESET) C:\Users\*****-*****\Downloads\esetsmartinstaller_deu(2).exe 2015-04-27 19:59 - 2015-04-29 16:36 - 00000000 ____D () C:\Users\*****-*****\Downloads\FRST-OlderVersion 2015-04-27 19:55 - 2015-04-27 19:55 - 00001163 _____ () C:\Users\*****-***** 2\Desktop\JRT.txt 2015-04-27 19:52 - 2015-04-27 19:52 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-*****-Windows-Vista-(TM)-Home-Premium-(32-bit).dat 2015-04-27 19:52 - 2015-04-27 19:52 - 00000000 ____D () C:\RegBackup 2015-04-27 19:47 - 2015-04-27 19:48 - 02715845 _____ (Thisisu) C:\Users\*****-*****\Downloads\JRT(1).exe 2015-04-27 19:27 - 2015-04-27 19:27 - 00000341 _____ () C:\Users\*****-*****\Desktop\*****-***** - Verknüpfung.lnk 2015-04-27 19:26 - 2015-04-27 19:31 - 00000000 ____D () C:\AdwCleaner 2015-04-27 19:25 - 2015-04-27 19:25 - 02224640 _____ () C:\Users\*****-*****\Downloads\AdwCleaner_4.202.exe 2015-04-27 19:17 - 2015-04-27 19:22 - 00000343 _____ () C:\Users\*****-*****\Documents\mbam.txt 2015-04-27 19:16 - 2015-04-27 19:16 - 00000343 _____ () C:\Users\*****-*****\Documents\mbam2.txt 2015-04-25 10:17 - 2015-04-25 10:17 - 01187872 _____ (Uniblue Systems Limited ) C:\Users\*****-*****\Downloads\pcmechanicpm.exe 2015-04-24 19:42 - 2015-04-24 19:42 - 00013954 _____ () C:\ComboFix.txt 2015-04-24 18:58 - 2015-04-24 19:42 - 00000000 ____D () C:\ComboFix 2015-04-24 18:22 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-04-24 18:22 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-04-24 18:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-04-24 18:22 - 2000-08-31 02:00 - 00518144 _____ 
(SteelWerX) C:\Windows\SWREG.exe 2015-04-24 18:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-04-24 18:22 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2015-04-24 18:22 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2015-04-24 18:22 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2015-04-24 18:19 - 2015-04-24 19:42 - 00000000 ____D () C:\Qoobox 2015-04-24 18:14 - 2015-04-24 18:41 - 05619466 ____R (Swearware) C:\Users\*****-*****\Downloads\ComboFix.exe 2015-04-23 18:20 - 2015-04-23 18:20 - 00000000 ____D () C:\Users\*****-*****\AppData\Local\Mozilla Firefox 2015-04-23 18:07 - 2015-04-29 16:36 - 00000000 ____D () C:\FRST 2015-04-23 18:07 - 2015-04-27 20:19 - 00044909 _____ () C:\Users\*****-*****\Downloads\FRST.txt 2015-04-23 07:46 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-23 07:33 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-23 07:29 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-23 07:29 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-23 07:27 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-23 07:27 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-04-23 07:27 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-22 18:41 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-04-22 18:41 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-04-22 18:41 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-04-22 18:41 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-22 18:41 - 
2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-22 18:41 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-22 18:41 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-04-22 18:41 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-04-22 18:41 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-04-22 18:41 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-04-22 18:41 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-04-22 18:41 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-04-22 18:41 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-04-22 18:41 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-04-22 18:41 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-04-22 18:41 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-04-22 18:41 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-04-22 18:41 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-04-22 18:41 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-04-22 18:41 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-04-22 18:41 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-04-22 18:41 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-04-06 11:55 - 2015-04-06 11:55 - 00139504 _____ () 
C:\Windows\Minidump\Mini040615-01.dmp 2015-04-05 18:53 - 2015-04-05 18:53 - 00000000 ____D () C:\Users\*****-*****\Documents\Citavi 3 2015-03-31 08:57 - 2015-03-31 09:00 - 00001547 _____ () C:\DelFix.txt 2015-03-31 08:57 - 2015-03-31 08:57 - 00000000 ____D () C:\Windows\ERUNT 2015-03-31 08:24 - 2015-03-31 08:25 - 00000000 ____D () C:\Users\*****-*****\Desktop\Neuer Ordner ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-29 16:22 - 2008-02-06 17:25 - 00252513 _____ () C:\Users\*****-*****\AppData\Roaming\nvModes.001 2015-04-29 16:19 - 2009-07-22 13:50 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-29 16:19 - 2008-02-06 15:54 - 01661587 _____ () C:\Windows\WindowsUpdate.log 2015-04-29 16:03 - 2011-01-02 18:31 - 00197520 _____ () C:\ProgramData\lxeascan.log 2015-04-29 16:01 - 2013-07-13 11:20 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7faa4579dfd0.job 2015-04-29 15:56 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-29 15:56 - 2006-11-02 14:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-29 15:56 - 2006-11-02 14:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-29 15:55 - 2007-07-20 16:28 - 01745672 _____ () C:\Windows\PFRO.log 2015-04-28 21:39 - 2008-02-06 17:25 - 00252513 _____ () C:\Users\*****-*****\AppData\Roaming\nvModes.dat 2015-04-28 07:24 - 2007-07-20 15:34 - 00000012 _____ () C:\Windows\bthservsdp.dat 2015-04-28 07:24 - 2006-11-02 15:01 - 00032612 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-04-27 20:24 - 2008-02-16 15:49 - 00002631 _____ () C:\Users\*****-*****\Desktop\Microsoft Office Word 2007.lnk 2015-04-27 20:10 - 2015-03-21 22:03 - 00074678 _____ () C:\Users\*****-*****\Downloads\Addition.txt 2015-04-27 19:59 - 2015-03-21 
21:54 - 01140736 _____ (Farbar) C:\Users\*****-*****\Downloads\FRST.exe 2015-04-27 19:43 - 2006-11-02 12:33 - 01623482 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-27 19:28 - 2008-02-06 17:25 - 00000000 ____D () C:\Users\*****-***** 2015-04-27 19:16 - 2015-03-22 20:21 - 00000343 _____ () C:\Users\*****-*****\Desktop\mbam.txt 2015-04-27 17:58 - 2010-01-02 11:33 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2015-04-26 20:22 - 2008-02-10 12:56 - 00000000 ____D () C:\Users\*****-*****\AppData\Roaming\Skype 2015-04-26 17:36 - 2011-08-30 06:40 - 00001052 _____ () C:\Windows\Tasks\Google Software Updater.job 2015-04-25 14:41 - 2011-06-30 12:07 - 00001356 _____ () C:\Users\*****-*****\AppData\Local\d3d9caps.dat 2015-04-24 19:37 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini 2015-04-23 17:03 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-04-23 07:46 - 2013-07-26 09:36 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-23 07:34 - 2006-11-02 12:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-04-23 07:33 - 2007-07-20 17:22 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-04-10 19:16 - 2008-02-16 15:49 - 00002673 _____ () C:\Users\*****-*****\Desktop\Microsoft Office PowerPoint 2007.lnk 2015-04-08 10:18 - 2015-02-21 14:06 - 00000000 ____D () C:\Users\*****-*****\AppData\Roaming\Avira 2015-04-08 10:07 - 2015-02-21 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-04-08 10:04 - 2012-04-26 06:31 - 00000000 ____D () C:\ProgramData\Avira 2015-04-06 12:54 - 2013-07-25 23:43 - 00000000 ____D () C:\ProgramData\Netzmanager 2015-04-06 12:54 - 2013-06-21 14:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2015-04-06 12:54 - 2012-06-24 11:07 - 00000000 ____D () C:\Users\*****-*****\AppData\Local\Akamai 2015-04-06 12:54 - 2012-05-23 07:59 - 00000000 ____D () C:\Users\*****-***** 2 2015-04-06 12:54 - 2011-05-25 13:59 - 00000000 ____D () 
C:\ProgramData\Ulead Systems 2015-04-06 12:54 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool 2015-04-06 12:54 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc 2015-04-06 12:54 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration 2015-04-06 12:54 - 2006-11-02 12:22 - 66846720 _____ () C:\Windows\system32\config\software_previous 2015-04-06 12:54 - 2006-11-02 12:22 - 52166656 _____ () C:\Windows\system32\config\system_previous 2015-04-06 12:45 - 2006-11-02 12:22 - 49283072 _____ () C:\Windows\system32\config\components_previous 2015-04-06 12:45 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous 2015-04-06 11:55 - 2010-08-25 19:12 - 216125677 _____ () C:\Windows\MEMORY.DMP 2015-04-06 11:55 - 2008-05-16 22:19 - 00000000 ____D () C:\Windows\Minidump 2015-04-05 19:50 - 2006-11-02 12:22 - 00524288 _____ () C:\Windows\system32\config\default_previous 2015-04-05 19:49 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\security_previous ==================== Files in the root of some directories ======= 2012-05-23 07:59 - 2015-03-11 00:53 - 0043239 _____ () C:\Users\*****-***** 2\AppData\Roaming\nvModes.001 2012-05-23 07:59 - 2007-08-06 15:21 - 0042479 _____ () C:\Users\*****-***** 2\AppData\Roaming\nvModes.dat 2012-06-30 11:35 - 2012-06-30 11:35 - 0000022 ___SH () C:\Users\*****-***** 2\AppData\Roaming\Windows1569_SettingsRepository.bin 2012-05-23 07:59 - 2015-03-28 16:42 - 0002032 _____ () C:\Users\*****-***** 2\AppData\Local\d3d9caps.dat 2012-05-23 07:59 - 2007-08-06 15:06 - 0018944 _____ () C:\Users\*****-***** 2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-06-30 11:35 - 2012-06-30 11:35 - 0000000 _____ () C:\Users\*****-***** 2\AppData\Local\jv16PT_temp.tmp 2008-02-21 12:45 - 2008-02-21 12:45 - 0000305 _____ () C:\ProgramData\addr_file.html 2009-02-05 22:42 - 2009-02-05 22:42 - 0000056 _____ () C:\ProgramData\ezsidmv.dat 2011-01-02 18:39 - 2011-01-02 18:39 - 0000252 
_____ () C:\ProgramData\FastPics.log
2011-03-01 17:18 - 2015-03-07 18:01 - 0045024 _____ () C:\ProgramData\lxea.log
2011-01-02 18:40 - 2011-01-02 18:42 - 0000438 _____ () C:\ProgramData\lxeaDiagnostics.log
2011-01-02 18:44 - 2011-06-02 10:10 - 0004439 _____ () C:\ProgramData\lxeaJSW.log
2011-01-02 18:31 - 2015-04-29 16:03 - 0197520 _____ () C:\ProgramData\lxeascan.log
2011-01-02 18:27 - 2011-01-02 18:27 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Some content of TEMP:
====================
C:\Users\*****-*****\AppData\Local\temp\avgnt.exe

Some zero byte size files/folders:
==========================
C:\Windows\System32\nsprs.dll
C:\Windows\System32\serauth1.dll
C:\Windows\System32\serauth2.dll
C:\Windows\System32\ssprs.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-29 16:22

==================== End Of Log ============================
--- --- --- |
29.04.2015, 15:45 | #63 |
| Virus/viruses, e.g. SmartSaver infection
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-04-2015
Ran by *****-***** 2 at 2015-04-29 16:39:01
Running from c:\Users\*****-*****\Downloads\FRST-OlderVersion
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3850073437-3280287025-709413035-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3850073437-3280287025-709413035-1002 - Limited - Enabled)
Gast (S-1-5-21-3850073437-3280287025-709413035-501 - Limited - Disabled)
*****-***** (S-1-5-21-3850073437-3280287025-709413035-1000 - Limited - Enabled) => C:\Users\*****-*****
*****-***** 2 (S-1-5-21-3850073437-3280287025-709413035-1003 - Administrator - Enabled) => C:\Users\*****-***** 2

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Durchstarten mit Ponky - Deutsch 1+2" (HKLM\...\"Durchstarten mit Ponky - Deutsch 1+2") (Version: 2.00 - Engel Edition)
"Durchstarten mit Ponky - Mathe 1+2" (HKLM\...\"Durchstarten mit Ponky - Mathe 1+2") (Version: 2.00 - Engel Edition)
"Englisch in der Grundschule mit Ponky 1.+2. Kl." (HKLM\...\"Englisch in der Grundschule mit Ponky 1.+2.
Kl.") (Version: 2.00 - Engel Edition) "Ponky gezielt Deutsch 1+2" (HKLM\...\"Ponky gezielt Deutsch 1+2") (Version: 2.00 - Engel Edition) "Ponky gezielt Mathe 1+2" (HKLM\...\"Ponky gezielt Mathe 1+2") (Version: 2.00 - Engel Edition) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House) ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Media Player (HKLM\...\{95264530-5A22-8E7E-FE9D-D63A927BCAEA}) (Version: 1.7 - Adobe Systems Incorporated) Adobe Photoshop Elements 5.0 (HKLM\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems, Inc.) Adobe Premiere Elements 3.0.2 (HKLM\...\PremElem30) (Version: 3.0.2 - Ihr Firmenname) Adobe Premiere Elements 3.0.2 Templates (HKLM\...\{6EACDDF4-4220-49A3-9204-984C86852C3D}) (Version: 1.0.0 - Ihr Firmenname) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.) 
Akamai NetSession Interface (HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Akamai) (Version: - Akamai Technologies, Inc) All To WMA Converter 1.7 (HKLM\...\All To WMA Converter_is1) (Version: 1.7 - All To WMA Converter) Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ) Amazon Cloud Player (HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC) Any Video Converter 3.3.2 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Aquanuma (HKLM\...\Aquanuma_is1) (Version: - ) ArcSoft Magic-i Visual Effects Installer (HKLM\...\{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}) (Version: - ArcSoft) Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version: - ) AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - ) Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.20 - Avanquest Software) Avira (HKLM\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG) Avira (Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. 
KG) AviSynth 2.5 (HKLM\...\AviSynth) (Version: - ) Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter (HKLM\...\{EC37A846-53AC-4DA7-98FA-76A4E74AA900}) (Version: 2.3 - Sony Corporation) Benutzerhandbuch - Grundlagen EPSON SX430 Series (HKLM\...\EPSON SX430 Series Bog) (Version: - ) Benutzerhandbuch EPSON SX430 Series (HKLM\...\EPSON SX430 Series Useg) (Version: - ) Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - ) Camera RAW Plug-In for EPSON Creativity Suite (HKLM\...\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION) Citavi (HKLM\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.3.0.0 - Swiss Academic Software) Citavi 2.5 (HKLM\...\Citavi) (Version: 2.5.2.0 - Academic Software Zurich) Click to DVD 2.0.05 Menu Data (HKLM\...\{9E407618-D9CD-4F39-9490-9ED45294073D}) (Version: 2.0.05 - Sony Corporation) Click to DVD 2.6.00 (HKLM\...\{E809063C-51A3-4269-8984-D1EB742F2151}) (Version: 2.6.00 - Sony Corporation) ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) Denken und Rechnen 2 (HKLM\...\Denken und Rechnen 2) (Version: - ) DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) DisplayLink Core Software (HKLM\...\{156E1F8D-3555-42F5-8DEC-5E830AF46847}) (Version: 4.5.13507.0 - DisplayLink Corp.) DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.6.1 - DivX, Inc.) DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 6.5 - DivX, Inc.) DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.4.3 - DivXNetworks, Inc.) 
DivxToDVD 0.5.2b (HKLM\...\VSO DivxToDVD_is1) (Version: 0.5.2b - VSO-Software SARL) DSD Direct (HKLM\...\{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}) (Version: 2.0.01 - Sony Corporation) DSD Direct Player (HKLM\...\{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}) (Version: 1.0 - Sony Corporation) DSD Playback Plug-in (HKLM\...\{009E7FB7-1775-4D89-8956-F5C9A1C019FC}) (Version: 1.1 - Sony Corporation) EPSON Attach To Email (HKLM\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) EPSON Attach To Email (Version: 1.01.0000 - SEIKO EPSON) Hidden EPSON Copy Utility 3 (HKLM\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.3.0.0 - ) EPSON Easy Photo Print (HKLM\...\{3D78F2A2-C893-4ABD-B5FE-AD7011837755}) (Version: 1.5.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print 2 (HKLM\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) EPSON File Manager (HKLM\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - ) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON Scan Assistant (HKLM\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - ) EPSON Stylus CX7300_CX8300_DX7400_DX8400 Handbuch (HKLM\...\EPSON Stylus CX7300_CX8300_DX7400_DX8400 Benutzerhandbuch) (Version: - ) EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version: - SEIKO EPSON Corporation) EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION) ffdshow [rev 2844] [2009-03-30] (HKLM\...\ffdshow_is1) (Version: 1.0 - ) Firebird SQL Server - MAGIX Edition 
(HKLM\...\Firebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG) flatster (HKLM\...\{0ADF1B89-17EA-489C-86DF-6E33DA8520A6}_is1) (Version: 1.5 - flatster GmbH) Free FLV Converter V 6.4.1 (HKLM\...\Free FLV Converter_is1) (Version: - Koyote Soft) Free Mp3 Wma Converter V 1.9 (HKLM\...\Free Mp3 Wma Converter_is1) (Version: 1.9.0.0 - Koyote Soft) Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Free YouTube Download version 3.0.20.1228 (HKLM\...\Free YouTube Download_is1) (Version: - DVDVideoSoft Ltd.) Freemake Video Converter Version 3.0.1 (HKLM\...\Freemake Video Converter_is1) (Version: 3.0.1 - Ellora Assets Corporation) Furnish Pro (HKLM\...\Furnish Pro) (Version: - ) GearDrvs (Version: 1 - Symantec Corporation) Hidden Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk (remove only) (HKLM\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - ) Google Talk (remove only) (HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - ) Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.) HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version: - ) honestech VHS to DVD 2.0 SE (HKLM\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech) IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp) ICQ7.2 (HKLM\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ) Iminent (Version: 5.26.21.0 - Iminent) Hidden <==== ATTENTION InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) 
Hidden Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) jv16 PowerTools 2012 (HKLM\...\jv16 PowerTools 2011) (Version: - Macecraft Software) Lexmark S300-S400 Series (HKLM\...\Lexmark S300-S400 Series) (Version: - Lexmark International, Inc.) Lexmark Tools for Office (HKLM\...\{10812DE7-2E57-4740-B226-6B3BE34AF9D7}) (Version: 1.29.0.0 - ) Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..) Logitech Webcam Software (HKLM\...\{AC96671C-2001-432C-9826-5266D84EF1DC}) (Version: 12.00.1280 - Logitech Inc.) Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.0) (Version: 12.0.1278 - Logitech Inc.) Löwenzahn und Pusteblume (HKLM\...\{C538AA5E-2F9C-48DC-AD5C-B21CE34EA10B}) (Version: 1.0.0 - *) MAGIX Online Druck Service 2.3.2.0 (D) (HKLM\...\MAGIX Online Druck Service D) (Version: 2.3.2.0 - MAGIX AG) MAGIX PC Visit (HKLM\...\MAGIX PC Visit D) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Video deluxe 2008 Trial 7.5.1.6 (D) (HKLM\...\MAGIX Video deluxe 2008 Trial D) (Version: 7.5.1.6 - MAGIX AG) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MAXQDA 10 (R250412) (HKLM\...\MAXQDA10) (Version: (R250412) - VERBI Software.Consult.Sozialforschung GmbH) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Medion GoPal Assistant 4.01.012 (HKLM\...\Medion GoPal Assistant) (Version: 4.1.12.0 - Medion) Meine ersten Wörter (HKLM\...\it.clementoni.SapPrimeParoleDE.290A939A40FB4C06653AD1460C6BEBD4C065087B.1) (Version: 1.0 - Clementoni S.p.A.) Meine ersten Wörter (Version: 1.0 - Clementoni S.p.A.) 
Hidden Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - ) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft 
Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft) Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) 
Moonlight MPEG-2 Decoder Pack (HKLM\...\Moonlight MPEG-2 Decoder Pack 2.1.4316) (Version: 2.1.4316 - Moonlight Cordless) Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Musik & Audio Restaurator Pro 5.0 (HKLM\...\Musik & Audio Restaurator Pro 5_is1) (Version: 5.0 - Softfeld) Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.11100.8.0 - Nero AG) Netzmanager (HKLM\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG) Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden Netzwerkhandbuch EPSON SX430 Series (HKLM\...\EPSON SX430 Series Netg) (Version: - ) Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - ) Norton 360 (Version: 1.2.0.10 - Symantec Corporation) Hidden Notebook BatteryInfo 1.3 (HKLM\...\BatteryInfo_Suite) (Version: 1.3 - Thomas Michel) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - ) OpenMG Limited Patch 4.7-07-15-19-01 (HKLM\...\OpenMG HotFix4.7-07-13-22-01) (Version: - ) OpenMG Secure Module 4.7.00 (HKLM\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation) OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140 - Sony Corporation) Hidden 
OpenOffice.org 3.2 (HKLM\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org) PDF24 Creator 5.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Photo Viewer V2.4 (HKLM\...\Photo Viewer) (Version: - ) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) Pixie 1.4.1 (HKLM\...\Pixie_is1) (Version: 1.4.1 - Pixie Developers) QuickTime (HKLM\...\{5B09BD67-4C99-46A1-8161-B7208CE18121}) (Version: 7.3.0.70 - Apple Inc.) Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version: - ) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Rossmann Fotowelt Software 4.12.1 (HKLM\...\Rossmann Fotowelt Software) (Version: 4.12.1 - ORWO Net) Rossmann Online Print Wizard Installer 1.0 (HKLM\...\Rossmannr Online Print Wizard Installer_is1) (Version: - ) Roxio Easy Media Creator Home (HKLM\...\{B7FB0C86-41A4-4402-9A33-912C462042A0}) (Version: 9.0.178 - Roxio) Scan2PDF 1.6 (HKLM\...\Scan2PDF_is1) (Version: - Koma-Code) Secunia PSI (2.0.0.4002) (HKLM\...\Secunia PSI) (Version: - ) Secure Eraser (HKLM\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH) Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 3.0.00.07120 - Sony Corporation) SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5102.0 - SigmaTel) Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
SNAPFISH (HKLM\...\SNAPFISH) (Version: - ) Snoopy 1.0 (HKLM\...\Snoopy_is1) (Version: - ) SonicStage Mastering Studio (HKLM\...\{6332AFF1-9D9A-429C-AA03-F82749FA4F49}) (Version: 2.3.01 - Sony Corporation) SonicStage Mastering Studio (Version: 2.3.01 - Sony Corporation) Hidden SonicStage Mastering Studio Audio Filter (HKLM\...\{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}) (Version: 2.3.01 - Sony Corporation) SonicStage Mastering Studio Plugins (HKLM\...\{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}) (Version: 2.4 - Sony Corporation) Sony Ericsson Media Manager 1.1 (HKLM\...\{7E910FDA-CBBE-4451-8728-235E6A4DE162}) (Version: 1.1.550 - Sony Ericsson) Sony Ericsson PC Suite 6.009.00 (HKLM\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.009.00 - Sony Ericsson) Sony PC Companion 2.10.251 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony) Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 2.1.00.04170 - Sony Corporation) Sony USB Driver (HKLM\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: 2.00 - Sony Corporation) SONY VGP-UPR1 (Display Adapter) (HKLM\...\{94FBC09C-6F39-4B36-B9DE-66374A6FAAD2}) (Version: 4.5.13507.0 - Sony Corporation) Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.2.00 - Sony Corporation) SpongeBob Schwammkopf - Der Film (HKLM\...\{E81A7285-8CA6-4430-B6C0-5F719E4D40D9}) (Version: 1.0 - ) SPSS 15.0 für Windows [Auswertung Version] (HKLM\...\{6D9B9CF3-1E9C-45B6-B41E-5CF568605556}) (Version: 15.0.1 - SPSS Inc.) 
Super Mario PC Fun 2 (HKLM\...\Super Mario PC Fun 2) (Version: - ) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1148 - SUPERAntiSpyware.com) Supreme Auction (HKLM\...\Supreme Auction_is1) (Version: - ) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - ) TMPGEnc 4.0 XPress Testversion (HKLM\...\{ECEF8EDE-0421-4E67-9264-5E84F26D4F55}) (Version: 4.7.2.285 - Pegasys Inc,) Ulead VideoStudio SE DVD (HKLM\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems) Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - ) Unity Web Player (HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) USB2.0 ATV (HKLM\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus) USB2.0 Capture Device (HKLM\...\{E337B156-DF81-48D8-8977-B1574EE87BCF}) (Version: 1.0.3.0 - ) VAIO Aqua Breeze Wallpaper (HKLM\...\{97BCD719-6ECB-458F-97D6-F38D2E07375E}) (Version: 1.0.11.13240 - Sony Corporation) VAIO Camera Capture Utility (HKLM\...\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}) (Version: 2.7.01.08030 - Sony Corporation) VAIO Content Folder Setting (HKLM\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) 
(Version: 1.1.02.11070 - Sony Corporation) VAIO Content Importer VAIO Content Exporter (Version: 1.2.00.06270 - Sony Corporation) Hidden VAIO Content Importer / VAIO Content Exporter (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.00.06270 - Sony Corporation) VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}) (Version: 2.0.01.07051 - Sony Corporation) VAIO Content Metadata Intelligent Analyzing Manager (Version: 2.0.01.07051 - Sony Corporation) Hidden VAIO Content Metadata Manager Setting (HKLM\...\{69351E9E-23ED-41D5-B146-EDBF83C63B66}) (Version: 2.0.01.07041 - Sony Corporation) VAIO Content Metadata Manager Setting (Version: 2.0.01.07041 - Sony Corporation) Hidden VAIO Content Metadata XML Interface Library (HKLM\...\{B5E2DF30-1061-4DB4-AF28-08996C8E5680}) (Version: 2.1.01.10292 - Sony Corporation) VAIO Content Metadata XML Interface Library (Version: 2.1.01.10292 - Sony Corporation) Hidden VAIO Control Center (HKLM\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 2.1.00.07110 - Sony Corporation) VAIO Cozy Orange Wallpaper (HKLM\...\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}) (Version: 1.0.11.13240 - Sony Corporation) VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.02.06190 - Sony Corporation) VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.0.00.06280 - Sony Corporation) VAIO Event Service (HKLM\...\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}) (Version: 3.2.00.07120 - Sony Corporation) VAIO Launcher (HKLM\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 1.0.00.07090 - Sony Corporation) VAIO Media (Version: 6.0.10 - Sony Corporation) Hidden VAIO Media 6.0 (HKLM\...\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}) (Version: 6.0.10 - Sony Corporation) VAIO Media AC3 Decoder 1.0 (HKLM\...\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}) (Version: - ) VAIO Media Content Collection 6.0 (HKLM\...\{500162A0-4DD5-460A-BAFD-895AAE48C532}) 
(Version: - Sony Corporation) VAIO Media Integrated Server 6.1 (HKLM\...\{785EB1D4-ECEC-4195-99B4-73C47E187721}) (Version: - Sony Corporation) VAIO Media Redistribution 6.0 (HKLM\...\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}) (Version: 6.0.10 - Sony Corporation) VAIO Media Registration Tool (Version: 6.0.10 - Sony Corporation) Hidden VAIO Media Registration Tool 6.0 (HKLM\...\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}) (Version: 6.0.10 - Sony Corporation) VAIO Movie Story (HKLM\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.0.00.18280 - Sony Corporation) VAIO Movie Story (Version: 1.0.00.18280 - Sony Corporation) Hidden VAIO Movie Story Template Data (HKLM\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.0.00.18280 - Sony Corporation) VAIO MusicBox (HKLM\...\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}) (Version: 1.1.02.12100 - Sony Corporation) VAIO MusicBox Sample Music (HKLM\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.0.00.07030 - Sony Corporation) VAIO Original Function Setting (HKLM\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 1.4.00.03240 - Sony Corporation) VAIO Original Screen Saver (HKLM\...\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}) (Version: - ) VAIO Power Management (HKLM\...\{802889F8-6AF5-45A5-9764-CA5B999E50FC}) (Version: 2.2.00.06130 - Sony Corporation) VAIO Tender Green Wallpaper (HKLM\...\{934A3213-1CB6-4264-84A2-EE080C017BCA}) (Version: 1.0.11.10180 - Sony Corporation) VAIO Update 3 (HKLM\...\{48820099-ED7D-424B-890C-9A82EF00656D}) (Version: 3.0.02.05280 - Sony Corporation) VAIO Xblack Contents (HKLM\...\VAIO Xblack Contents) (Version: 1.0.0.0-ENU - ) WDR RadioRecorder (HKLM\...\Tobit Radio.fx Server 1) (Version: - Tobit.Software) WIDCOMM Bluetooth Software 6.1.0.1203 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.1.0.1203 - Broadcom Corporation) Windows Live Anmelde-Assistent (HKLM\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation) Windows Live Essentials 
(HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinDVD BD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B8.385 - InterVideo Inc.) WinDVD BD for VAIO (Version: 8.0-B8.385 - InterVideo Inc.) Hidden Wireless Switch Setting Utility (HKLM\...\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}) (Version: 3.6.00.18210 - Sony Corporation) WMA MP3 Converter v4.0 build 1217 (HKLM\...\{314AD191-596F-40C0-ACED-3AD78C9649F1}_is1) (Version: - Hoo Technologies) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Users\*****-*****\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Users\*****-*****\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: 
HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\*****-*****\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\*****-~1\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe (the data entry has 7 more characters). CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{7F902AD4-FC6A-4B2F-8B8D-B6DD4E329B76}\InprocServer32 -> C:\Users\*****-~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL No File CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{9E385F0A-0BA2-430C-96AA-4399C5E40F6C}\localserver32 -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Users\*****-*****\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Users\*****-*****\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) CustomCLSID: 
HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1003_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1003_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1003_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\*****-~2\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1003_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1003_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google)

==================== Restore Points =========================

23-04-2015 07:13:48 Windows Update
25-04-2015 10:18:36 Uniblue PC Mechanic installation
26-04-2015 10:38:01 Geplanter Prüfpunkt
27-04-2015 21:13:00 Geplanter Prüfpunkt
28-04-2015 17:59:42 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2015-03-13 23:39 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {043D68F3-3670-43A0-B6D5-57F13FF9F9A7} - System32\Tasks\3cfc12c0 => C:\Users\*****-~1\AppData\Local\Temp\\setup4282120128.exe <==== ATTENTION
Task: {10D60821-F8E1-475A-83E8-701EA8E4B1F4} - System32\Tasks\ef6fab80 => C:\Users\*****-~1\AppData\Local\Temp\\setup542040320.exe <==== ATTENTION
Task: {12385836-CA2D-47B9-A214-9F8B297A3DBA} - System32\Tasks\{95687664-AA78-4FC4-BAC4-858ABB1C0B69} => pcalua.exe -a C:\Users\*****-*****\Downloads\VirtualDubMod_1_5_10_2_All_inclusive\AuxSetup.exe -d C:\Users\*****-*****\Downloads\VirtualDubMod_1_5_10_2_All_inclusive
Task: {16D7CE70-497A-4FE4-8C4C-244FAA0734CE} - System32\Tasks\49055640 => C:\Users\*****-~1\AppData\Local\Temp\\setup499886528.exe <==== ATTENTION
Task: {1B4E5659-7DEF-46F9-A0BC-0E6629830B41} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {1CE03B89-7F38-4BA1-A41C-4D8B07DAAE41} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe [2007-05-31] (Sony Corporation)
Task: {1E6473EE-BE0D-4AF2-B139-363A948E362C} - System32\Tasks\{C1EA93FA-188F-4DB9-B64E-36A773014422} => pcalua.exe -a "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma.cpl" -c Adobe Gamma
Task: {28E5CD67-956D-4936-A294-4AD90DDAE715} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {2FEF6F31-1C03-441F-95EE-C0881A257656} - System32\Tasks\7bb0880 => C:\Users\*****-~1\AppData\Local\Temp\\setup3595865216.exe <==== ATTENTION
Task: {38DC70C8-5701-41B4-807F-9D4516FF09E7} - System32\Tasks\46de95c0 => C:\Users\*****-~1\AppData\Local\Temp\\setup3316319744.exe <==== ATTENTION
Task: {50AC27F5-D9EB-4BF2-BE03-FC9AF110F37B} - System32\Tasks\e3c09e00 => C:\Users\*****-~1\AppData\Local\Temp\\setup2577851392.exe <==== ATTENTION
Task: {51B468D0-8CEB-4BAE-AEA3-4EC761479B8B} - System32\Tasks\{9830AF16-9482-400B-9E1B-868E8CD8C205} => pcalua.exe -a "C:\Users\*****-*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZU0076JS\SOACCU-01363007-UN[1].exe" -d C:\Users\*****-*****
Task: {598F4D5D-0AAD-4486-9371-BD27A5EA6A80} - System32\Tasks\MCVSurveyReminder4 => reminder.exe
Task: {5DBB8895-2BE0-4495-A797-6009C173A108} - System32\Tasks\{1BF2E65A-1E39-4F45-92FD-E0EF4012BE8A} => pcalua.exe -a C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe -c /M{430CADFA-CCEB-456D-9994-D9113F731644}
Task: {601E4951-95BA-4388-8522-79849722B245} - System32\Tasks\221db200 => C:\Users\*****-~1\AppData\Local\Temp\\setup4129418752.exe <==== ATTENTION
Task: {64CED321-9BDA-438C-8EAE-9FA9F12FD1F1} - System32\Tasks\d8662340 => C:\Users\*****-~1\AppData\Local\Temp\\setup2016372352.exe <==== ATTENTION
Task: {68F11EF1-2EA3-462C-A57B-420826834205} - System32\Tasks\{7AC43103-A4AE-481B-B197-07B3C364EB4B} => pcalua.exe -a C:\Users\*****-*****\Downloads\NVDVID-01587600-UN.exe -d "C:\Program Files\Mozilla Firefox"
Task: {7786971E-B57F-40FD-8139-281ABE1BD89E} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-16] (Google)
Task: {7A796D5F-7CBC-4FAE-9015-B38AA747B38A} - System32\Tasks\8340e7c0 => C:\Users\*****-~1\AppData\Local\Temp\\setup1373268928.exe <==== ATTENTION
Task: {874F7FCC-AF76-442E-A24A-E763321339C5} - System32\Tasks\b4899d80 => C:\Users\*****-~1\AppData\Local\Temp\\setup2355517632.exe <==== ATTENTION
Task: {8CA16ED4-2F50-4900-858E-059AC05BC624} - System32\Tasks\1d5fc740 => C:\Users\*****-~1\AppData\Local\Temp\\setup2435663488.exe <==== ATTENTION
Task: {8D109C3F-BFE7-40B0-B4E9-82D5B9DA3818} - System32\Tasks\{321F8462-3D73-467E-B9DC-B1D0A64C03FE} => Firefox.exe hxxp://ui.skype.com/ui/0/6.21.81.104/de/go/help.faq.installer?LastError=1618
Task: {91EEDBC4-E166-41C0-BD6A-0E0BAB4C9DAF} - System32\Tasks\f9bd8a40 => C:\Users\*****-~1\AppData\Local\Temp\\setup2014348480.exe <==== ATTENTION
Task: {9A0019CE-C77A-41B4-878B-F564DE55AD98} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7faa4579dfd0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {9EA1BE1B-B9AE-42DD-AFD5-8BAAD7523A32} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {A69B794D-07FE-4088-A6F5-FC92516DE4E7} - System32\Tasks\b7c95780 => C:\Users\*****-~1\AppData\Local\Temp\\setup2099225664.exe <==== ATTENTION
Task: {AE13D5DE-F830-4E3D-B01D-148530479116} - System32\Tasks\265edbc0 => C:\Users\*****-~1\AppData\Local\Temp\\setup4200798144.exe <==== ATTENTION
Task: {AF83CA38-58CE-4610-AFCA-459F88C6E38C} - System32\Tasks\MCVSurveyReminder3 => reminder.exe
Task: {BA9261A1-C464-4A08-B582-499B88C325EA} - System32\Tasks\{ABFA890E-19B0-46D9-A582-058578BB8F65} => pcalua.exe -a "C:\Program Files\Trojancheck 6\unins000.exe" -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojancheck 6"
Task: {BB74F04E-0A98-4793-85AC-588F73520826} - System32\Tasks\745cd680 => C:\Users\*****-~1\AppData\Local\Temp\\setup522521280.exe <==== ATTENTION
Task: {C03FCD7A-F17A-4C30-B194-412D951E162D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {CD69A141-90D3-4706-85A9-16E38748FB52} - System32\Tasks\bcd27f40 => C:\Users\*****-~1\AppData\Local\Temp\\setup1510311744.exe <==== ATTENTION
Task: {CFFD25B6-A21F-4F81-BEFF-A2EE387662A1} - System32\Tasks\f85fbf80 => C:\Users\*****-~1\AppData\Local\Temp\\setup2183864512.exe <==== ATTENTION
Task: {D3F07B14-4D25-435A-9FF1-A3665E731F9F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E1DC3877-6725-4C56-9628-258B877C3FDA} - \Microsoft\Windows\WindowsCalendar\Reminders - *****-***** No Task File <==== ATTENTION
Task: {E9A76A05-BDA6-4AB7-BAB0-45196D6AE30D} - System32\Tasks\MCVSurveyReminder1 => reminder.exe
Task: {EE04CFD9-B911-4ABA-B2D4-A1B0E90A25A4} - System32\Tasks\{A1EBE010-6567-4A23-BD72-27B12BE82F06} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {F276A72E-9ED4-4158-AFD5-139A0274CBA4} - System32\Tasks\9d1f9880 => C:\Users\*****-~1\AppData\Local\Temp\\setup978493568.exe <==== ATTENTION
Task: {F56357CF-48CE-4AAD-B481-98B03E68F168} - System32\Tasks\d8719480 => C:\Users\*****-~1\AppData\Local\Temp\\setup2386082240.exe <==== ATTENTION
Task: {FB47635A-451D-40A8-B9D8-5AAFECC166EC} - System32\Tasks\SONY\WSSU\WSSU => C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [2007-06-15] (Sony Corporation)
Task: {FDC62037-CCDD-4758-9FF0-949A973B0161} - System32\Tasks\MCVSurveyReminder2 => reminder.exe
Task: {FEA7AE33-57B1-4E10-8F7C-24F88B867194} - System32\Tasks\3338ae00 => C:\Users\*****-~1\AppData\Local\Temp\\setup1972039872.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7faa4579dfd0.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2011-01-02 18:36 - 2009-11-04 13:14 - 00157696 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\lxeadrpp.dll 2006-12-22 08:31 - 2006-12-22 08:31 - 00108712 _____ () C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe 2014-11-28 18:56 - 2011-11-18 15:51 - 03673944 _____ () C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe 2007-07-20 17:37 - 2007-07-12 08:33 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll 2007-07-20 17:37 - 2007-07-12 08:33 - 00009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll 2002-11-27 18:25 - 2002-11-27 18:25 - 00049152 _____ () C:\Program Files\LitexMedia\All To WMA Converter\WMAShellExt.dll 2015-03-21 21:19 - 2012-09-07 17:57 - 00452592 _____ () C:\Program Files\ASCOMP Software\Secure Eraser\SecEraser32.dll 2007-06-22 10:49 - 2007-06-22 10:49 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll 2011-01-02 18:29 - 2010-01-18 19:27 - 00770728 _____ () C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe 2011-01-02 18:29 - 2009-12-16 19:04 - 00389120 _____ () C:\Program Files\Lexmark S300-S400 Series\lxeascw.dll 2011-01-02 18:31 - 2009-05-27 14:16 - 00192512 _____ () C:\Windows\system32\spool\drivers\w32x86\3\lxeadatr.dll 2011-01-02 18:29 - 2009-12-16 19:07 - 01159168 _____ () C:\Program Files\Lexmark S300-S400 Series\lxeaDRS.dll 2011-01-02 18:29 - 2009-03-10 07:43 - 00155648 _____ () C:\Program Files\Lexmark S300-S400 Series\lxeacaps.dll 2011-01-02 18:27 - 2009-02-20 10:48 - 00299008 _____ () C:\Windows\system32\lxeasm.dll 2011-01-02 
18:27 - 2009-04-28 09:56 - 00024064 _____ () C:\Windows\system32\lxeasmr.dll 2011-01-02 18:28 - 2010-01-18 19:27 - 00139944 _____ () C:\Program Files\Lexmark S300-S400 Series\ezprint.exe 2011-01-02 18:28 - 2009-03-30 14:37 - 00708608 _____ () C:\Program Files\Lexmark S300-S400 Series\Epwizard.DLL 2011-01-02 18:28 - 2009-03-30 14:35 - 00159744 _____ () C:\Program Files\Lexmark S300-S400 Series\customui.dll 2011-01-02 18:28 - 2009-03-30 14:35 - 00118784 _____ () C:\Program Files\Lexmark S300-S400 Series\Eputil.DLL 2011-01-02 18:28 - 2009-03-30 14:35 - 00139264 _____ () C:\Program Files\Lexmark S300-S400 Series\Imagutil.DLL 2011-01-02 18:28 - 2009-03-30 14:35 - 00061440 _____ () C:\Program Files\Lexmark S300-S400 Series\Epfunct.DLL 2011-01-02 18:29 - 2009-06-23 13:09 - 02203648 _____ () C:\Program Files\Lexmark S300-S400 Series\EPWizRes.dll 2011-01-02 18:29 - 2009-06-23 13:10 - 00045056 _____ () C:\Program Files\Lexmark S300-S400 Series\epstring.dll 2011-01-02 18:29 - 2009-06-23 13:11 - 00102400 _____ () C:\Program Files\Lexmark S300-S400 Series\EPOEMDll.dll 2011-01-02 18:28 - 2009-04-07 21:25 - 00409600 _____ () C:\Program Files\Lexmark S300-S400 Series\iptk.dll 2011-01-02 18:29 - 2009-03-02 16:25 - 00151552 _____ () C:\Program Files\Lexmark S300-S400 Series\lxeaptp.dll 2015-03-29 13:58 - 2015-01-19 13:06 - 00053496 _____ () C:\Users\*****-*****\AppData\Local\temp\avgnt.exe\Avira.OE.ExtApi.dll 2012-03-20 20:44 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll 2012-03-20 20:44 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll 2011-07-07 15:54 - 2011-07-07 15:54 - 00233984 _____ () C:\Program Files\Sony\Sony PC Companion\Report.dll 2011-11-01 20:32 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files\Sony\Sony PC Companion\sqlite3.dll 2012-03-20 20:44 - 2010-01-11 16:44 - 00053248 _____ () C:\Program Files\Sony\Sony PC Companion\VObject.dll 2012-01-27 12:02 - 2012-01-27 12:02 - 
00569344 _____ () C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll 2012-05-15 20:42 - 2012-05-15 20:42 - 00052224 _____ () C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll 2012-05-15 20:42 - 2015-04-29 16:05 - 00065024 _____ () C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll 2012-05-15 20:42 - 2015-04-29 16:05 - 00052736 _____ () C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll 2012-05-15 20:42 - 2012-05-15 20:42 - 00117760 _____ () C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2014-05-16 15:38 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\*****-*****\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe 2007-06-22 10:34 - 2007-06-22 10:34 - 00389120 _____ () C:\Windows\system32\btwhidcs.DLL 2012-03-20 20:44 - 2014-06-23 09:07 - 00113376 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe 2010-05-04 16:36 - 2010-05-04 16:36 - 00970752 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll 2013-10-07 21:21 - 2013-10-07 21:21 - 01777664 _____ () C:\Program Files\Google\Google Earth\client\QtCore4.dll 2013-10-07 21:24 - 2013-10-07 21:24 - 01224192 _____ () C:\Program Files\Google\Google Earth\client\IGCore.dll 2013-10-07 21:24 - 2013-10-07 21:24 - 00290816 _____ () C:\Program Files\Google\Google Earth\client\IGUtils.dll 2013-10-07 21:24 - 2013-10-07 21:24 - 00631808 _____ () C:\Program Files\Google\Google Earth\client\IGMath.dll 2013-10-07 21:24 - 2013-10-07 21:24 - 01393664 _____ () C:\Program Files\Google\Google Earth\client\alchemy\ogl\IGSg.dll 2013-10-07 21:24 - 2013-10-07 21:24 - 00751104 _____ () C:\Program Files\Google\Google Earth\client\alchemy\ogl\IGAttrs.dll 2013-10-07 21:24 - 2013-10-07 21:24 - 03148288 _____ () C:\Program Files\Google\Google Earth\client\alchemy\ogl\IGGfx.dll 2013-10-07 21:52 - 2013-10-07 21:52 - 17652224 _____ () C:\Program Files\Google\Google Earth\client\googleearth_free.dll 2013-10-07 21:24 - 
2013-10-07 21:24 - 00726016 _____ () C:\Program Files\Google\Google Earth\client\IGExportCommon.dll 2013-10-07 21:24 - 2013-10-07 21:24 - 01050624 _____ () C:\Program Files\Google\Google Earth\client\IGOpt.dll 2013-10-07 21:32 - 2013-10-07 21:32 - 00015872 _____ () C:\Program Files\Google\Google Earth\client\alchemyext.dll 2013-10-07 21:21 - 2013-10-07 21:21 - 07877632 _____ () C:\Program Files\Google\Google Earth\client\QtWebKit4.dll 2013-10-07 21:21 - 2013-10-07 21:21 - 06174208 _____ () C:\Program Files\Google\Google Earth\client\QtGui4.dll 2013-10-07 21:21 - 2013-10-07 21:21 - 00518656 _____ () C:\Program Files\Google\Google Earth\client\QtNetwork4.dll 2013-10-07 21:28 - 2013-10-07 21:28 - 00086528 _____ () C:\Program Files\Google\Google Earth\client\ge_expat.dll 2013-10-07 21:21 - 2013-10-07 21:21 - 00018944 _____ () C:\Program Files\Google\Google Earth\client\imageformats\qgif4.dll 2013-10-07 21:21 - 2013-10-07 21:21 - 00158208 _____ () C:\Program Files\Google\Google Earth\client\imageformats\qjpeg4.dll 2013-10-07 21:24 - 2013-10-07 21:24 - 00145408 _____ () C:\Program Files\Google\Google Earth\client\alchemy\optimizations\IGOptExtension.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) 
IE trusted site: HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\intervideo.com -> www.intervideo.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img19.jpg HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: FirebirdServerMAGIXInstance => 3 MSCONFIG\Services: FLEXnet Licensing Service => 3 MSCONFIG\Services: GoogleDesktopManager-051210-111108 => 3 MSCONFIG\Services: gupdate1ca0ac0f00c0a80 => 2 MSCONFIG\Services: OMSI download service => 2 MSCONFIG\Services: PACSPTISVR => 3 MSCONFIG\Services: SBSDWSCService => 2 MSCONFIG\Services: sdAuxService => 2 MSCONFIG\Services: sdCoreService => 2 MSCONFIG\startupfolder: C:^Users^*****-*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupfolder: C:^Users^*****-*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Medien-Prüfung.lnk => C:\Windows\pss\Picture Motion Browser Medien-Prüfung.lnk.Startup MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint\Apoint.exe MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup MSCONFIG\startupreg: googletalk => C:\Program Files\Google\Google Talk\googletalk.exe /autostart MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide MSCONFIG\startupreg: QuickTime Task => 
"C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: TrayServer => C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [TCP Query User{3B5F652A-2913-4AA5-B3B0-E5CC4BBA9F70}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{A36CB363-2FF8-4903-8A7C-C02CE966C1F1}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [TCP Query User{E80BA0B8-D827-458C-8FD9-2D631C0FFD53}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{23E3452E-7136-4515-9716-FDED0157294D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{B1A8B887-4149-4978-8C22-5B4E4EF82C9D}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe FirewallRules: [{CD94BE39-19A6-4FBE-9FB5-AEA69041C4CA}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe FirewallRules: [TCP Query User{5E869D36-5320-423E-9517-9CE576D8EE6E}C:\program files\icq6\icq.exe] => (Allow) C:\program files\icq6\icq.exe FirewallRules: [UDP Query 
User{7272C993-B27A-4643-A1FA-239F96ABF88A}C:\program files\icq6\icq.exe] => (Allow) C:\program files\icq6\icq.exe FirewallRules: [{2F76F63C-3E81-46B8-A40F-C090250E5121}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{7B883190-8DCA-48D9-BF04-B6436BF2D68F}] => (Allow) C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe FirewallRules: [{582A7AD1-45D1-41F9-BC17-967E429CAD2B}] => (Allow) C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe FirewallRules: [TCP Query User{979E4801-5A3C-4C83-BEC9-282B531A3BCA}C:\program files\icq6.5\icq.exe] => (Block) C:\program files\icq6.5\icq.exe FirewallRules: [UDP Query User{88714FC2-53DC-4290-83FA-FC17966E8607}C:\program files\icq6.5\icq.exe] => (Block) C:\program files\icq6.5\icq.exe FirewallRules: [{4C069130-9D72-4690-ABAD-59264BEBDE46}] => (Allow) C:\Program Files\Logitech\Logitech Vid\Vid.exe FirewallRules: [{55DD818E-E59D-4D8F-A931-8186811C12FA}] => (Allow) C:\Program Files\Logitech\Logitech Vid\Vid.exe FirewallRules: [{E7F71EDC-C852-482E-A9B3-C7FF11DCA41C}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{976B6ED5-5F4A-49F7-B6EF-EE60BE4C79EC}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{62D57FE4-9C0D-4B5A-AEA3-9DEECCCD2DD5}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{975D58E6-48F6-44F5-88EF-C500CF0B31CB}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{0E545E18-1A24-4409-81B0-C5323F823E18}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{D6E42861-8F37-4A0E-A7F6-5B974FD73C18}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{5313CBFB-A857-44D6-9D0A-49542EDBFA07}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{9C3F0B2E-5001-4202-AF2C-9766A24078B5}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [TCP Query User{51A1958F-15D5-4163-836D-24DD28F87BDA}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program 
files\google\google earth\client\googleearth.exe FirewallRules: [UDP Query User{77C0DF32-131E-4C60-A2A9-4407B44931DA}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [{54386AB4-35A0-41A9-AC43-3F393890E8C5}] => (Allow) C:\Users\*****-*****\Downloads\SweetImSetup(2).exe FirewallRules: [{C1AF6C87-ADE7-4F01-B286-182C3B27031C}] => (Allow) C:\Users\*****-*****\Downloads\SweetImSetup(2).exe FirewallRules: [{19F499D9-E22F-4B7B-A625-2536A4161B5D}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{5E615F98-E78C-4F14-B759-A062E0E5A7E3}] => (Allow) svchost.exe FirewallRules: [{1A45F8CA-5A2B-45D0-A425-5E56F27CB0C6}] => (Allow) C:\Windows\system32\lxeacoms.exe FirewallRules: [{F893CABE-D527-44E0-AD3B-4B58AAA1E35F}] => (Allow) C:\Windows\system32\LXEAcoms.exe FirewallRules: [{2FA57709-F8ED-4E11-9026-1A8D6C5587D2}] => (Allow) C:\Windows\system32\LXEAcoms.exe FirewallRules: [{86CA48FB-F57A-4219-8856-305C1A74FD07}] => (Allow) C:\Windows\system32\LXEAcoms.exe FirewallRules: [{923D2D0D-2946-49A1-B658-29E21F747F8E}] => (Allow) LPort=80 FirewallRules: [{165A8488-4303-4BF4-8B78-5F1292778B64}] => (Allow) LPort=80 FirewallRules: [{CE82E6BD-BEE2-4A92-BE44-91249CEE4865}] => (Allow) LPort=80 FirewallRules: [TCP Query User{E1B1D6BA-97D1-428C-8D6F-4BF2877C9B25}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{B7526044-05C8-4C49-964A-6EC5237DA87B}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{0CA17F66-DBB8-4BB7-AF9C-FA8F4EBC634F}C:\program files\logitech\vid hd\vid.exe] => (Block) C:\program files\logitech\vid hd\vid.exe FirewallRules: [UDP Query User{156CD726-4881-4067-B22F-EFA8889397A4}C:\program files\logitech\vid hd\vid.exe] => (Block) C:\program files\logitech\vid 
hd\vid.exe FirewallRules: [{16642D4E-0A46-4768-AB55-F971CE044475}] => (Allow) C:\Users\*****-*****\Downloads\Facemoods.exe FirewallRules: [{DA4DB6A1-FB7B-40AC-B99A-CA71037185C7}] => (Allow) C:\Users\*****-*****\Downloads\Facemoods.exe FirewallRules: [{7DFBF625-08A6-482F-BBED-1F7D8A225DCF}] => (Allow) C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{6658554D-038D-45BD-B83D-712744C6681F}] => (Allow) C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{CD4CF5F6-A738-48D1-9197-ACCB676AC8B0}] => (Allow) F:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{B6400087-61E2-48E7-A628-2428D77210A7}] => (Allow) F:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [TCP Query User{3A4DF019-0634-481F-A9A2-10FE650CFC10}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{6C32446C-F773-4F95-BB11-489C4328A2D6}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{E8F0CD5E-56CF-412D-ABC6-AB8AE51DDDB2}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{02802447-B624-4CD1-94AB-56D1F8911D0A}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [{AB520453-681B-4C74-A0D1-C14D9C45364D}] => (Allow) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe FirewallRules: [{F32889DA-746A-4104-9EF4-0B494E4CE06B}] => (Allow) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe FirewallRules: [TCP Query User{5CD138C6-6F08-4D37-8B0E-21BC1778CFA0}C:\users\*****-*****\appdata\local\akamai\netsession_win.exe] => (Block) 
C:\users\*****-*****\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{583F07B1-2C96-4C1C-991F-A64EDD56D7A8}C:\users\*****-*****\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\*****-*****\appdata\local\akamai\netsession_win.exe FirewallRules: [{B4196523-6227-4D9D-A336-BEFFFB00C074}] => (Allow) C:\Program Files\Iminent\Iminent.exe FirewallRules: [{9A384077-6EB8-4A1B-9527-0F82284AED5E}] => (Allow) C:\Program Files\Iminent\Iminent.Messengers.exe FirewallRules: [{840500EA-1B36-49F8-ADA1-72DF568513BE}] => (Allow) C:\Users\*****-***** 2\AppData\Local\temp\incredibar_installer.exe FirewallRules: [{8F9428E9-58F9-4111-A8D1-DD743E4D99BE}] => (Allow) C:\Users\*****-***** 2\AppData\Local\temp\incredibar_installer.exe FirewallRules: [{E31B7123-C67D-4429-8454-8B78998A650D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com FirewallRules: [{0C8AC61D-91C4-4850-8976-4F6D6AE16C88}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe FirewallRules: [{EACCA4A9-8378-42DB-A710-66EF61F99DF4}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe FirewallRules: [{E5892559-F382-4172-A6E5-5AE724BF8F70}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com FirewallRules: [{299E924D-BFDE-473E-A87E-ABE967C11DF3}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe FirewallRules: [{5C89EA99-D2E8-4781-8B6E-25BD47198E52}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe FirewallRules: [TCP Query User{2F219C78-FFFD-48C4-BD02-3808C8B52B6C}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe FirewallRules: [UDP Query User{18F63728-CE3A-4BDA-A23B-CCADE5A22D47}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe FirewallRules: [{1FD3EA95-53CB-4DAB-9529-2F6D44F51E50}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: 
[TCP Query User{7B048147-BBF8-477D-BB55-C179514AAE1C}C:\program files\logitech\vid hd\vid.exe] => (Block) C:\program files\logitech\vid hd\vid.exe FirewallRules: [UDP Query User{CD09FD84-DFA0-4C0D-B682-28676FC5DD0F}C:\program files\logitech\vid hd\vid.exe] => (Block) C:\program files\logitech\vid hd\vid.exe FirewallRules: [{27DF86F7-0EFA-4AC5-80CF-59150145427F}] => (Allow) C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{1CA8A470-28FA-4CBF-8691-14E995457C68}] => (Allow) C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{C2E9A825-94BE-4DFF-8E8D-C3389A3B24BB}] => (Allow) C:\Program Files\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{A9DB86FF-43AF-41D5-BD16-8A25A84AE13D}] => (Allow) C:\Program Files\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [TCP Query User{A72AE89A-F6B7-4F79-B2C8-06F12EFFC27D}C:\users\*****-*****\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\*****-*****\appdata\local\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{00871E66-EC05-4BA8-93F3-340056C50437}C:\users\*****-*****\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\*****-*****\appdata\local\mozilla firefox\firefox.exe ==================== Faulty Device Manager Devices ============= Name: Intel(R) 82852/82855 GM/GME-Grafikcontroller (Microsoft Corporation - XDDM) Description: Intel(R) 82852/82855 GM/GME-Grafikcontroller (Microsoft Corporation - XDDM) Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: ialm Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (04/29/2015 04:06:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.Systray.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.Xml.XmlException Stapel: bei System.Xml.XmlTextReaderImpl.Throw(System.Exception) bei System.Xml.XmlTextReaderImpl.ParseDocumentContent() bei System.Xml.XmlTextReaderImpl.Read() bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) bei System.Xml.XmlDocument.Load(System.Xml.XmlReader) bei System.Xml.XmlDocument.Load(System.String) bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile() bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String) bei Avira.OE.WinCore.OeProductInfo.get_Culture() bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings() bei Avira.OE.Systray.Program.Main(System.String[]) Error: (04/29/2015 04:01:40 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier2\eventsystem2.cpp38180070005 Error: (04/29/2015 03:59:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.Xml.XmlException Stapel: bei System.Xml.XmlTextReaderImpl.Throw(System.Exception) bei System.Xml.XmlTextReaderImpl.ParseDocumentContent() bei System.Xml.XmlTextReaderImpl.Read() bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) bei System.Xml.XmlDocument.Load(System.Xml.XmlReader) bei System.Xml.XmlDocument.Load(System.String) bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile() bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String) bei Avira.OE.WinCore.OeProductInfo.get_Culture() bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings() bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture() bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (04/29/2015 03:58:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.Xml.XmlException Stapel: bei System.Xml.XmlTextReaderImpl.Throw(System.Exception) bei System.Xml.XmlTextReaderImpl.ParseDocumentContent() bei System.Xml.XmlTextReaderImpl.Read() bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) bei System.Xml.XmlDocument.Load(System.Xml.XmlReader) bei System.Xml.XmlDocument.Load(System.String) bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile() bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String) bei Avira.OE.WinCore.OeProductInfo.get_Culture() bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings() bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture() bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (04/29/2015 03:58:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.Xml.XmlException Stapel: bei System.Xml.XmlTextReaderImpl.Throw(System.Exception) bei System.Xml.XmlTextReaderImpl.ParseDocumentContent() bei System.Xml.XmlTextReaderImpl.Read() bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) bei System.Xml.XmlDocument.Load(System.Xml.XmlReader) bei System.Xml.XmlDocument.Load(System.String) bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile() bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String) bei Avira.OE.WinCore.OeProductInfo.get_Culture() bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings() bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture() bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (04/29/2015 03:56:27 PM) (Source: VzCdbSvc) (EventID: 7) (User: ) Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error: (04/29/2015 03:56:10 PM) (Source: ESENT) (EventID: 489) (User: ) Description: avguard (552) GaviDB_0: Versuch, Datei "C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien. 
Error: (04/29/2015 03:56:10 PM) (Source: ESENT) (EventID: 489) (User: ) Description: avguard (552) GaviDB_0: Versuch, Datei "C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien. Error: (04/29/2015 03:56:10 PM) (Source: ESENT) (EventID: 489) (User: ) Description: avguard (552) GaviDB_0: Versuch, Datei "C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien. Error: (04/29/2015 03:56:10 PM) (Source: ESENT) (EventID: 489) (User: ) Description: avguard (552) GaviDB_0: Versuch, Datei "C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\gavi3.db" für den Lesezugriff zu öffnen, ist mit Systemfehler 3 (0x00000003): "Das System kann den angegebenen Pfad nicht finden. " fehlgeschlagen. Fehler -1023 (0xfffffc01) beim Öffnen von Dateien. 
System errors: ============= Error: (04/29/2015 03:59:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Avira Service Host3 Error: (04/29/2015 03:58:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Avira Service Host2100001Neustart des Diensts Error: (04/29/2015 03:58:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Avira Service Host1100001Neustart des Diensts Error: (04/29/2015 03:57:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: lxeaCATSCustConnectService%%1053 Error: (04/29/2015 03:57:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000lxeaCATSCustConnectService Error: (04/29/2015 03:57:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (04/29/2015 03:57:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (04/29/2015 03:56:53 PM) (Source: TermService) (EventID: 1057) (User: ) Description: Fehler beim Erstellen eines neuen selbstsignierten Zertifikats für die Terminalserver-Authentifizierung bei SSL-Verbindungen auf dem Terminalserver. Der betreffende Statuscode war Schlüssel ist im angegebenen Status nicht gültig. . Error: (04/29/2015 03:55:57 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 28.04.2015 um 23:54:10 unerwartet heruntergefahren. 
Error: (04/28/2015 06:07:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: 0x80070643Definition Update for Windows Defender - KB915597 (Definition 1.197.802.0){9D5EC6AB-2B6E-4A21-ACCF-92E5510C9E5D}200 Microsoft Office Sessions: ========================= Error: (01/07/2015 11:09:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2993 seconds with 60 seconds of active time. This session ended with a crash. Error: (01/07/2015 11:09:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2965 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/07/2015 11:09:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2951 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/26/2014 10:07:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13351 seconds with 360 seconds of active time. This session ended with a crash. Error: (02/27/2014 06:29:37 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1742 seconds with 0 seconds of active time. This session ended with a crash. 
Error: (05/02/2013 02:23:23 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 678 seconds with 60 seconds of active time. This session ended with a crash. Error: (12/13/2012 11:26:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 436 seconds with 0 seconds of active time. This session ended with a crash. Error: (07/11/2012 08:17:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 44 seconds with 0 seconds of active time. This session ended with a crash. Error: (06/14/2012 10:14:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 700 seconds with 660 seconds of active time. This session ended with a crash. Error: (06/14/2012 10:02:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1237 seconds with 1200 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2015-04-27 19:02:11.918 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-04-27 19:02:11.212 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:10.589 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:09.988 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:08.591 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:07.927 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:07.287 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:06.589 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-24 19:06:11.038 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-04-24 19:06:10.195 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz Percentage of memory in use: 93% Total physical RAM: 2045.69 MB Available physical RAM: 132.7 MB Total Pagefile: 4336.6 MB Available Pagefile: 1812.91 MB Total Virtual: 2047.88 MB Available Virtual: 1911.32 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:176.24 GB) (Free:92.46 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 186.3 GB) (Disk ID: A8CB6A4C) Partition 1: (Not Active) - (Size=10.1 GB) - (Type=27) Partition 2: (Active) - (Size=176.2 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
30.04.2015, 07:22 | #64 |
/// the machine /// TB trainer | Caught a virus/viruses, e.g. SmartSaver
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
Task: {043D68F3-3670-43A0-B6D5-57F13FF9F9A7} - System32\Tasks\3cfc12c0 => C:\Users\*****-~1\AppData\Local\Temp\\setup4282120128.exe <==== ATTENTION
Task: {10D60821-F8E1-475A-83E8-701EA8E4B1F4} - System32\Tasks\ef6fab80 => C:\Users\*****-~1\AppData\Local\Temp\\setup542040320.exe <==== ATTENTION
Task: {16D7CE70-497A-4FE4-8C4C-244FAA0734CE} - System32\Tasks\49055640 => C:\Users\*****-~1\AppData\Local\Temp\\setup499886528.exe <==== ATTENTION
Task: {2FEF6F31-1C03-441F-95EE-C0881A257656} - System32\Tasks\7bb0880 => C:\Users\*****-~1\AppData\Local\Temp\\setup3595865216.exe <==== ATTENTION
Task: {38DC70C8-5701-41B4-807F-9D4516FF09E7} - System32\Tasks\46de95c0 => C:\Users\*****-~1\AppData\Local\Temp\\setup3316319744.exe <==== ATTENTION
Task: {50AC27F5-D9EB-4BF2-BE03-FC9AF110F37B} - System32\Tasks\e3c09e00 => C:\Users\*****-~1\AppData\Local\Temp\\setup2577851392.exe <==== ATTENTION
Task: {601E4951-95BA-4388-8522-79849722B245} - System32\Tasks\221db200 => C:\Users\*****-~1\AppData\Local\Temp\\setup4129418752.exe <==== ATTENTION
Task: {64CED321-9BDA-438C-8EAE-9FA9F12FD1F1} - System32\Tasks\d8662340 => C:\Users\*****-~1\AppData\Local\Temp\\setup2016372352.exe <==== ATTENTION
Task: {7A796D5F-7CBC-4FAE-9015-B38AA747B38A} - System32\Tasks\8340e7c0 => C:\Users\*****-~1\AppData\Local\Temp\\setup1373268928.exe <==== ATTENTION
Task: {874F7FCC-AF76-442E-A24A-E763321339C5} - System32\Tasks\b4899d80 => C:\Users\*****-~1\AppData\Local\Temp\\setup2355517632.exe <==== ATTENTION
Task: {8CA16ED4-2F50-4900-858E-059AC05BC624} - System32\Tasks\1d5fc740 => C:\Users\*****-~1\AppData\Local\Temp\\setup2435663488.exe <==== ATTENTION
Task: {91EEDBC4-E166-41C0-BD6A-0E0BAB4C9DAF} - System32\Tasks\f9bd8a40 => C:\Users\*****-~1\AppData\Local\Temp\\setup2014348480.exe <==== ATTENTION
Task: {9EA1BE1B-B9AE-42DD-AFD5-8BAAD7523A32} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {A69B794D-07FE-4088-A6F5-FC92516DE4E7} - System32\Tasks\b7c95780 => C:\Users\*****-~1\AppData\Local\Temp\\setup2099225664.exe <==== ATTENTION
Task: {AE13D5DE-F830-4E3D-B01D-148530479116} - System32\Tasks\265edbc0 => C:\Users\*****-~1\AppData\Local\Temp\\setup4200798144.exe <==== ATTENTION
Task: {BB74F04E-0A98-4793-85AC-588F73520826} - System32\Tasks\745cd680 => C:\Users\*****-~1\AppData\Local\Temp\\setup522521280.exe <==== ATTENTION
Task: {CD69A141-90D3-4706-85A9-16E38748FB52} - System32\Tasks\bcd27f40 => C:\Users\*****-~1\AppData\Local\Temp\\setup1510311744.exe <==== ATTENTION
Task: {CFFD25B6-A21F-4F81-BEFF-A2EE387662A1} - System32\Tasks\f85fbf80 => C:\Users\*****-~1\AppData\Local\Temp\\setup2183864512.exe <==== ATTENTION
Task: {E1DC3877-6725-4C56-9628-258B877C3FDA} - \Microsoft\Windows\WindowsCalendar\Reminders - *****-***** No Task File <==== ATTENTION
Task: {F276A72E-9ED4-4158-AFD5-139A0274CBA4} - System32\Tasks\9d1f9880 => C:\Users\*****-~1\AppData\Local\Temp\\setup978493568.exe <==== ATTENTION
Task: {F56357CF-48CE-4AAD-B481-98B03E68F168} - System32\Tasks\d8719480 => C:\Users\*****-~1\AppData\Local\Temp\\setup2386082240.exe <==== ATTENTION
Task: {FEA7AE33-57B1-4E10-8F7C-24F88B867194} - System32\Tasks\3338ae00 => C:\Users\*****-~1\AppData\Local\Temp\\setup1972039872.exe <==== ATTENTION
Emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Open FRST, tick Addition and scan, and please post both logs.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
30.04.2015, 17:55 | #65 |
| Caught a virus/viruses, e.g. SmartSaver What do I have to replace the asterisks with? With the user name or the PC name, or how do I know what that is now?!? |
01.05.2015, 15:30 | #66 |
/// the machine /// TB-Ausbilder | Virus/viruses caught, e.g. SmartSaver Well, who deleted the name and replaced it with asterisks? YOU did, so YOU have to know that. User name
|
01.05.2015, 19:27 | #67 |
| Virus/viruses caught, e.g. SmartSaver Hm, yes, that was probably me ;-). But is the user name really right? Somehow the user name consists of 2 parts and a hyphen, which is not there at all any more here?!? If I replace this wrongly now: can I "break" something? So I don't know whether I have to replace "*****-~1" with "UserNamePart1-~1" or with "UserNamePart1-UserNamePart2-~1" or with "UserNamePart1-UserNamePart2~1" or whatever else?!? |
02.05.2015, 14:03 | #68 |
/// the machine /// TB-Ausbilder | Virus/viruses caught, e.g. SmartSaver Delete the **** including the tilde and the 1, i.e. remove everything between the backslashes, and put in the complete user name. If something goes wrong the fix won't work, nothing else
__________________ regards, schrauber |
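One way to check afterwards whether a fix like this actually took effect, as an added example that is not part of the thread and not FRST's own code: it pairs every `Task:` line of a Fixlog with the result lines FRST printed for it. The sample is an excerpt of the Fixlog posted in this thread with one result line removed on purpose; the set of artifacts expected per task is an assumption read off that log.

```python
import re

# Paths as they appear in the Fixlog posted in this thread.
TASKCACHE = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache"
TASK_DIR = r"C:\Windows\System32\Tasks"
SUCCESS = {"Key deleted successfully.", "Moved successfully."}

TASK_RE = re.compile(r"^Task: (\{[0-9A-Fa-f-]{36}\}) - (.+?) <==== ATTENTION$")
RESULT_RE = re.compile(r'^"?([^"]+?)"? => (.+)$')

# Excerpt of the thread's Fixlog. The "Tree\ef6fab80" result line is left out
# deliberately (constructed) to show what an incomplete fix looks like.
FIXLOG = r'''Content of fixlist:
*****************
Task: {043D68F3-3670-43A0-B6D5-57F13FF9F9A7} - System32\Tasks\3cfc12c0 => C:\Users\*****-*****\AppData\Local\Temp\\setup4282120128.exe <==== ATTENTION
Task: {10D60821-F8E1-475A-83E8-701EA8E4B1F4} - System32\Tasks\ef6fab80 => C:\Users\*****-*****\AppData\Local\Temp\\setup542040320.exe <==== ATTENTION
Task: {9EA1BE1B-B9AE-42DD-AFD5-8BAAD7523A32} - \Optimizer Pro Schedule No Task File <==== ATTENTION
*****************
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{043D68F3-3670-43A0-B6D5-57F13FF9F9A7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{043D68F3-3670-43A0-B6D5-57F13FF9F9A7}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cfc12c0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cfc12c0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10D60821-F8E1-475A-83E8-701EA8E4B1F4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10D60821-F8E1-475A-83E8-701EA8E4B1F4}" => Key deleted successfully.
C:\Windows\System32\Tasks\ef6fab80 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9EA1BE1B-B9AE-42DD-AFD5-8BAAD7523A32}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EA1BE1B-B9AE-42DD-AFD5-8BAAD7523A32}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimizer Pro Schedule" => Key deleted successfully.
'''


def parse_tasks(log):
    """Return (guid, tree_name, has_file) for every 'Task:' line of the fixlist."""
    tasks = []
    for line in log.splitlines():
        m = TASK_RE.match(line.strip())
        if not m:
            continue
        guid, rest = m.groups()
        if rest.endswith(" No Task File"):
            # Registry-only task: no file under System32\Tasks to move.
            name, has_file = rest[: -len(" No Task File")].lstrip("\\"), False
        else:
            path = rest.split(" => ", 1)[0]
            name, has_file = path.split("System32\\Tasks\\", 1)[-1], True
        tasks.append((guid, name, has_file))
    return tasks


def parse_results(log):
    """Map each 'path => status' result line to its status (paths lower-cased)."""
    results = {}
    for line in log.splitlines():
        line = line.strip()
        if line.startswith("Task:"):
            continue  # fixlist entries also contain ' => '
        m = RESULT_RE.match(line)
        if m:
            results[m.group(1).lower()] = m.group(2).strip()
    return results


def audit(log):
    """Return {task name: [artifacts without a success line]} for a Fixlog."""
    results = parse_results(log)

    def done(path):
        return results.get(path.lower()) in SUCCESS

    report = {}
    for guid, name, has_file in parse_tasks(log):
        expected = [TASKCACHE + "\\Tasks\\" + guid, TASKCACHE + "\\Tree\\" + name]
        if has_file:
            expected.append(TASK_DIR + "\\" + name)
        missing = [p for p in expected if not done(p)]
        # The thread's log shows the GUID under either Plain or Logon.
        if not any(done(TASKCACHE + "\\" + k + "\\" + guid) for k in ("Plain", "Logon")):
            missing.append(TASKCACHE + "\\Plain|Logon\\" + guid)
        report[name] = missing
    return report


if __name__ == "__main__":
    for name, missing in audit(FIXLOG).items():
        print(name, "->", "complete" if not missing else "MISSING: " + ", ".join(missing))
```

A task with an empty list had every expected key and file handled; anything listed is an artifact for which the log contains no success line and which should be looked at in a fresh FRST scan.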
02.05.2015, 20:57 | #69 |
| Virus/viruses caught, e.g. SmartSaver Right, here is the Fixlog now, I hope it turned out correctly?!? Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-04-2015 01
Ran by *****-***** 2 at 2015-05-02 21:25:44 Run:1
Running from c:\Users\*****-*****\Downloads
Loaded Profiles: *****-***** & *****-***** 2 (Available profiles: *****-***** & *****-***** 2)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Task: {043D68F3-3670-43A0-B6D5-57F13FF9F9A7} - System32\Tasks\3cfc12c0 => C:\Users\*****-*****\AppData\Local\Temp\\setup4282120128.exe <==== ATTENTION
Task: {10D60821-F8E1-475A-83E8-701EA8E4B1F4} - System32\Tasks\ef6fab80 => C:\Users\*****-*****\AppData\Local\Temp\\setup542040320.exe <==== ATTENTION
Task: {16D7CE70-497A-4FE4-8C4C-244FAA0734CE} - System32\Tasks\49055640 => C:\Users\*****-*****\AppData\Local\Temp\\setup499886528.exe <==== ATTENTION
Task: {2FEF6F31-1C03-441F-95EE-C0881A257656} - System32\Tasks\7bb0880 => C:\Users\*****-*****\AppData\Local\Temp\\setup3595865216.exe <==== ATTENTION
Task: {38DC70C8-5701-41B4-807F-9D4516FF09E7} - System32\Tasks\46de95c0 => C:\Users\*****-*****\AppData\Local\Temp\\setup3316319744.exe <==== ATTENTION
Task: {50AC27F5-D9EB-4BF2-BE03-FC9AF110F37B} - System32\Tasks\e3c09e00 => C:\Users\*****-*****\AppData\Local\Temp\\setup2577851392.exe <==== ATTENTION
Task: {601E4951-95BA-4388-8522-79849722B245} - System32\Tasks\221db200 => C:\Users\*****-*****\AppData\Local\Temp\\setup4129418752.exe <==== ATTENTION
Task: {64CED321-9BDA-438C-8EAE-9FA9F12FD1F1} - System32\Tasks\d8662340 => C:\Users\*****-*****\AppData\Local\Temp\\setup2016372352.exe <==== ATTENTION
Task: {7A796D5F-7CBC-4FAE-9015-B38AA747B38A} - System32\Tasks\8340e7c0 => C:\Users\*****-*****\AppData\Local\Temp\\setup1373268928.exe <==== ATTENTION
Task: {874F7FCC-AF76-442E-A24A-E763321339C5} - System32\Tasks\b4899d80 => C:\Users\*****-*****\AppData\Local\Temp\\setup2355517632.exe <==== ATTENTION
Task: {8CA16ED4-2F50-4900-858E-059AC05BC624} - System32\Tasks\1d5fc740 => C:\Users\*****-*****\AppData\Local\Temp\\setup2435663488.exe <==== ATTENTION
Task: {91EEDBC4-E166-41C0-BD6A-0E0BAB4C9DAF} - System32\Tasks\f9bd8a40 => C:\Users\*****-*****\AppData\Local\Temp\\setup2014348480.exe <==== ATTENTION
Task: {9EA1BE1B-B9AE-42DD-AFD5-8BAAD7523A32} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {A69B794D-07FE-4088-A6F5-FC92516DE4E7} - System32\Tasks\b7c95780 => C:\Users\*****-*****\AppData\Local\Temp\\setup2099225664.exe <==== ATTENTION
Task: {AE13D5DE-F830-4E3D-B01D-148530479116} - System32\Tasks\265edbc0 => C:\Users\*****-*****\AppData\Local\Temp\\setup4200798144.exe <==== ATTENTION
Task: {BB74F04E-0A98-4793-85AC-588F73520826} - System32\Tasks\745cd680 => C:\Users\*****-*****\AppData\Local\Temp\\setup522521280.exe <==== ATTENTION
Task: {CD69A141-90D3-4706-85A9-16E38748FB52} - System32\Tasks\bcd27f40 => C:\Users\*****-*****\AppData\Local\Temp\\setup1510311744.exe <==== ATTENTION
Task: {CFFD25B6-A21F-4F81-BEFF-A2EE387662A1} - System32\Tasks\f85fbf80 => C:\Users\*****-*****\AppData\Local\Temp\\setup2183864512.exe <==== ATTENTION
Task: {E1DC3877-6725-4C56-9628-258B877C3FDA} - \Microsoft\Windows\WindowsCalendar\Reminders - *****-***** No Task File <==== ATTENTION
Task: {F276A72E-9ED4-4158-AFD5-139A0274CBA4} - System32\Tasks\9d1f9880 => C:\Users\*****-*****\AppData\Local\Temp\\setup978493568.exe <==== ATTENTION
Task: {F56357CF-48CE-4AAD-B481-98B03E68F168} - System32\Tasks\d8719480 => C:\Users\*****-*****\AppData\Local\Temp\\setup2386082240.exe <==== ATTENTION
Task: {FEA7AE33-57B1-4E10-8F7C-24F88B867194} - System32\Tasks\3338ae00 => C:\Users\*****-*****\AppData\Local\Temp\\setup1972039872.exe <==== ATTENTION
Emptytemp:
*****************
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{043D68F3-3670-43A0-B6D5-57F13FF9F9A7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{043D68F3-3670-43A0-B6D5-57F13FF9F9A7}" => Key deleted successfully.
C:\Windows\System32\Tasks\3cfc12c0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3cfc12c0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10D60821-F8E1-475A-83E8-701EA8E4B1F4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10D60821-F8E1-475A-83E8-701EA8E4B1F4}" => Key deleted successfully.
C:\Windows\System32\Tasks\ef6fab80 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ef6fab80" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16D7CE70-497A-4FE4-8C4C-244FAA0734CE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16D7CE70-497A-4FE4-8C4C-244FAA0734CE}" => Key deleted successfully.
C:\Windows\System32\Tasks\49055640 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\49055640" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FEF6F31-1C03-441F-95EE-C0881A257656}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FEF6F31-1C03-441F-95EE-C0881A257656}" => Key deleted successfully.
C:\Windows\System32\Tasks\7bb0880 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7bb0880" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38DC70C8-5701-41B4-807F-9D4516FF09E7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38DC70C8-5701-41B4-807F-9D4516FF09E7}" => Key deleted successfully.
C:\Windows\System32\Tasks\46de95c0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\46de95c0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50AC27F5-D9EB-4BF2-BE03-FC9AF110F37B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50AC27F5-D9EB-4BF2-BE03-FC9AF110F37B}" => Key deleted successfully.
C:\Windows\System32\Tasks\e3c09e00 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e3c09e00" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{601E4951-95BA-4388-8522-79849722B245}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{601E4951-95BA-4388-8522-79849722B245}" => Key deleted successfully.
C:\Windows\System32\Tasks\221db200 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\221db200" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64CED321-9BDA-438C-8EAE-9FA9F12FD1F1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64CED321-9BDA-438C-8EAE-9FA9F12FD1F1}" => Key deleted successfully.
C:\Windows\System32\Tasks\d8662340 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d8662340" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A796D5F-7CBC-4FAE-9015-B38AA747B38A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A796D5F-7CBC-4FAE-9015-B38AA747B38A}" => Key deleted successfully.
C:\Windows\System32\Tasks\8340e7c0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\8340e7c0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{874F7FCC-AF76-442E-A24A-E763321339C5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{874F7FCC-AF76-442E-A24A-E763321339C5}" => Key deleted successfully.
C:\Windows\System32\Tasks\b4899d80 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b4899d80" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CA16ED4-2F50-4900-858E-059AC05BC624}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CA16ED4-2F50-4900-858E-059AC05BC624}" => Key deleted successfully.
C:\Windows\System32\Tasks\1d5fc740 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1d5fc740" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91EEDBC4-E166-41C0-BD6A-0E0BAB4C9DAF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91EEDBC4-E166-41C0-BD6A-0E0BAB4C9DAF}" => Key deleted successfully.
C:\Windows\System32\Tasks\f9bd8a40 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f9bd8a40" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9EA1BE1B-B9AE-42DD-AFD5-8BAAD7523A32}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EA1BE1B-B9AE-42DD-AFD5-8BAAD7523A32}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimizer Pro Schedule" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A69B794D-07FE-4088-A6F5-FC92516DE4E7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A69B794D-07FE-4088-A6F5-FC92516DE4E7}" => Key deleted successfully.
C:\Windows\System32\Tasks\b7c95780 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\b7c95780" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE13D5DE-F830-4E3D-B01D-148530479116}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE13D5DE-F830-4E3D-B01D-148530479116}" => Key deleted successfully.
C:\Windows\System32\Tasks\265edbc0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\265edbc0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB74F04E-0A98-4793-85AC-588F73520826}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB74F04E-0A98-4793-85AC-588F73520826}" => Key deleted successfully.
C:\Windows\System32\Tasks\745cd680 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\745cd680" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD69A141-90D3-4706-85A9-16E38748FB52}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD69A141-90D3-4706-85A9-16E38748FB52}" => Key deleted successfully.
C:\Windows\System32\Tasks\bcd27f40 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bcd27f40" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFFD25B6-A21F-4F81-BEFF-A2EE387662A1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFFD25B6-A21F-4F81-BEFF-A2EE387662A1}" => Key deleted successfully.
C:\Windows\System32\Tasks\f85fbf80 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f85fbf80" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E1DC3877-6725-4C56-9628-258B877C3FDA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1DC3877-6725-4C56-9628-258B877C3FDA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsCalendar\Reminders - *****-*****" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F276A72E-9ED4-4158-AFD5-139A0274CBA4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F276A72E-9ED4-4158-AFD5-139A0274CBA4}" => Key deleted successfully.
C:\Windows\System32\Tasks\9d1f9880 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9d1f9880" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F56357CF-48CE-4AAD-B481-98B03E68F168}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F56357CF-48CE-4AAD-B481-98B03E68F168}" => Key deleted successfully.
C:\Windows\System32\Tasks\d8719480 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d8719480" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FEA7AE33-57B1-4E10-8F7C-24F88B867194}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEA7AE33-57B1-4E10-8F7C-24F88B867194}" => Key deleted successfully.
C:\Windows\System32\Tasks\3338ae00 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3338ae00" => Key deleted successfully.
EmptyTemp: => Removed 107.4 MB temporary data.
The system needed a reboot.
==== End of Fixlog 21:26:15 ====
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-05-2015
Ran by *****-***** 2 (administrator) on ***** on 02-05-2015 21:50:37
Running from c:\Users\*****-*****\Downloads\FRST-OlderVersion\FRST-OlderVersion\FRST-OlderVersion
Loaded Profiles: *****-***** & *****-***** 2 (Available profiles: *****-***** & *****-***** 2)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
() C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
( ) C:\Windows\System32\lxeacoms.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
() C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
() C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
() C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Akamai Technologies, Inc.) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe
() C:\Users\*****-*****\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Akamai Technologies, Inc.) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Users\*****-*****\AppData\Local\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [lxeamon.exe] => C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe [770728 2010-01-18] ()
HKLM\...\Run: [EzPrint] => C:\Program Files\Lexmark S300-S400 Series\ezprint.exe [139944 2010-01-18] ()
HKLM\...\Run: [UVS10 Preload] => C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-08] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM\...\RunOnce: [{D2C5E510-BE6D-42CC-9F61-E4F939078474}] => C:\Windows\system32\cmd.exe /c rmdir /q /s "C:\Program Files\Lexmark Printable Web"
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [217088 2009-04-11] (Microsoft Corporation)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04] (SUPERAntiSpyware.com)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2007-07-12] (Sony Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [3905920 2012-06-05] (SUPERAntiSpyware.com)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Akamai NetSession Interface] => C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [Amazon Cloud Player] => C:\Users\*****-*****\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [EPSON SX430 Series (Kopie 1)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [212480 2012-05-18] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Run: [EPSON Stylus DX8400 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [182272 2007-04-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[S0].txt [1747 2015-04-27] ()
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\vaiomov.scr [53248 2004-12-27] (Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk [2007-07-20]
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-02-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012-05-16]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2008-02-26]
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (No File)
Startup: C:\Users\*****-*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2014-05-18]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
Startup: C:\Users\*****-*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-12-14]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3850073437-3280287025-709413035-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://vosteran.com/?f=1&a=vst_ir_15_05&cd=2XzuyEtN2Y1L1QzuyDyEyEtByEzyyCyByCyCyDzyyD0BtCzytN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFyBtFtCtN1L1CzutCyEtBzytDyD1V1BtAtN1L1G1B1V1N2Y1L1Qzu2SyB0E0EyCyE0DyE0EtGtAzy0AzztG0AtCzztCtGyCtAtC0AtGyCyEyDtDtC0AtB0C0Fzz0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtA0E0F0AyC0CzztGyDtAzzyCtGyEyD0D0CtGzyzzyCtAtGyDtD0Bzyzz0EzzyCzzyByEtD2Q&cr=1074813290&ir=
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.club-vaio.com hxxp://partnerpage.google.com/eu.sony.com/de hxxp://www.club-vaio.com/vbc
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {399AFF92-3607-4429-B2E3-99BECE8D2374} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {53DBFD01-FF03-4A5F-8F4B-7BF8E909A975} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {C4802B53-BBDC-409E-B3EF-57C0B6708018} URL = hxxp://adfarm.mediaplex.com/ad/ck/707-1403-18840-0?mpro=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
SearchScopes: HKU\S-1-5-21-3850073437-3280287025-709413035-1003 -> {E6BFE530-DE68-4D85-A111-513CA45EFAF0} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie7-toi
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-28] (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-28] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKU\S-1-5-21-3850073437-3280287025-709413035-1000 -> No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
DPF: {00000161-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/msaud.cab
DPF: {33564D57-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-01-25] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\*****-***** 2\AppData\Roaming\Mozilla\Firefox\Profiles\4qlxy2p6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-28] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [2007-07-13] (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-28] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-16] (Google)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-3850073437-3280287025-709413035-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\*****-*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-09] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009-06-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2009-06-04] (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml [2010-06-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-14]
FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012-12-12]
FF HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Firefox\Extensions: [{D250ED92-1791-42C4-B441-E90BF89B9BEF}] - C:\Users\*****-*****\AppData\Local\{D250ED92-1791-42C4-B441-E90BF89B9BEF}
FF Extension: XULRunner - C:\Users\*****-*****\AppData\Local\{D250ED92-1791-42C4-B441-E90BF89B9BEF} [2011-04-02]
FF HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3850073437-3280287025-709413035-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-12] (SUPERAntiSpyware.com) [File not signed]
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdobeActiveFileMonitor5.0; C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712 2006-12-22] ()
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [815352 2015-04-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [434424 2015-04-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1004032 2015-04-08] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe [443752 2008-08-18] (DisplayLink Corp.)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S4 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [74752 2011-12-30] (Freemake) [File not signed]
S4 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-26] (Google)
S2 gupdate1ca0ac0f00c0a80; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeaserv.exe [193192 2010-04-14] (Lexmark International, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [598696 2010-01-07] ( )
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S4 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
S4 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
R2 Radio.fx; C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [994360 2011-07-29] (Secunia)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
R2 STacSV; C:\Windows\system32\stacsv.exe [94208 2007-06-13] (SigmaTel, Inc.)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-06-28] (Sony Corporation) [File not signed]
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182392 2007-07-12] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [499712 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation) [File not signed]
R2 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [292152 2007-07-05] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation) [File not signed]
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2007-08-28] (Sony Corporation) [File not signed]
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [131072 2007-08-28] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 dlkmd; C:\Windows\system32\drivers\dlkmd.sys [287856 2008-08-18] (DisplayLink Corp.)
R0 dlkmdldr; C:\Windows\System32\drivers\dlkmdldr.sys [13424 2008-08-18] (DisplayLink Corp.)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25624 2009-04-30] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-03-14] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
S3 s3017bus; C:\Windows\System32\DRIVERS\s3017bus.sys [83880 2007-12-10] (MCCI Corporation)
S3 s3017mdfl; C:\Windows\System32\DRIVERS\s3017mdfl.sys [15016 2007-12-10] (MCCI Corporation)
S3 s3017mdm; C:\Windows\System32\DRIVERS\s3017mdm.sys [110632 2007-12-10] (MCCI Corporation)
S3 s3017mgmt; C:\Windows\System32\DRIVERS\s3017mgmt.sys [104616 2007-12-10] (MCCI Corporation)
S3 s3017nd5; C:\Windows\System32\DRIVERS\s3017nd5.sys [25512 2007-12-10] (MCCI Corporation)
S3 s3017obex; C:\Windows\System32\DRIVERS\s3017obex.sys [100648 2007-12-10] (MCCI Corporation)
S3 s3017unic; C:\Windows\System32\DRIVERS\s3017unic.sys [110120 2007-12-10] (MCCI Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-06-13] (SigmaTel, Inc.)
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [468096 2007-11-15] (Syntek)
R3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-06] (Texas Instruments)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\*****-~2\AppData\Local\Temp\catchme.sys [X]
S3 dsltestSp5; System32\Drivers\dsltestSp5.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-02 21:25 - 2015-05-02 21:22 - 00003377 _____ () C:\Users\*****-*****\Desktop\Fixlist.txt
2015-04-30 18:08 - 2015-04-30 18:08 - 00001879 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-04-29 16:21 - 2015-04-29 16:22 - 00852616 _____ () C:\Users\*****-*****\Desktop\SecurityCheck(3).exe
2015-04-28 23:48 - 2015-04-28 23:48 - 00852616 _____ () C:\Users\*****-*****\Downloads\SecurityCheck(2).exe
2015-04-28 23:46 - 2015-04-28 23:47 - 00852616 _____ () C:\Users\*****-*****\Downloads\SecurityCheck(1).exe
2015-04-28 18:52 - 2015-04-28 18:53 - 02347384 _____ (ESET) C:\Users\*****-*****\Downloads\esetsmartinstaller_deu(2).exe
2015-04-27 19:59 - 2015-04-29 16:39 - 00000000 ____D () C:\Users\*****-*****\Downloads\FRST-OlderVersion
2015-04-27 19:55 - 2015-04-27 19:55 - 00001163 _____ () C:\Users\*****-***** 2\Desktop\JRT.txt
2015-04-27 19:52 - 2015-04-27 19:52 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-*****-Windows-Vista-(TM)-Home-Premium-(32-bit).dat
2015-04-27 19:52 - 2015-04-27 19:52 - 00000000 ____D () C:\RegBackup
2015-04-27 19:47 - 2015-04-27 19:48 - 02715845 _____ (Thisisu) C:\Users\*****-*****\Downloads\JRT(1).exe
2015-04-27 19:27 - 2015-04-27 19:27 - 00000341 _____ () C:\Users\*****-*****\Desktop\*****-***** - Verknüpfung.lnk
2015-04-27 19:26 - 2015-04-27 19:31 - 00000000 ____D () C:\AdwCleaner
2015-04-27 19:25 - 2015-04-27 19:25 - 02224640 _____ () C:\Users\*****-*****\Downloads\AdwCleaner_4.202.exe
2015-04-27 19:17 - 2015-04-27 19:22 - 00000343 _____ () C:\Users\*****-*****\Documents\mbam.txt
2015-04-27 19:16 - 2015-04-27 19:16 - 00000343 _____ () C:\Users\*****-*****\Documents\mbam2.txt
2015-04-25 10:17 - 2015-04-25 10:17 - 01187872 _____ (Uniblue Systems Limited ) C:\Users\*****-*****\Downloads\pcmechanicpm.exe
2015-04-24 19:42 - 2015-04-24 19:42 - 00013954 _____ () C:\ComboFix.txt
2015-04-24 18:58 - 2015-04-24 19:42 - 00000000 ____D () C:\ComboFix
2015-04-24 18:22 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-24 18:22 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-24 18:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-24 18:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-24 18:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-24 18:22 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-24 18:22 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-24 18:22 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-24 18:19 - 2015-04-24 19:42 - 00000000 ____D () C:\Qoobox
2015-04-24 18:14 - 2015-04-24 18:41 - 05619466 ____R (Swearware) C:\Users\*****-*****\Downloads\ComboFix.exe
2015-04-23 18:20 - 2015-04-23 18:20 - 00000000 ____D () C:\Users\*****-*****\AppData\Local\Mozilla Firefox
2015-04-23 18:07 - 2015-05-02 21:50 - 00000000 ____D () C:\FRST
2015-04-23 18:07 - 2015-04-27 20:19 - 00044909 _____ () C:\Users\*****-*****\Downloads\FRST.txt
2015-04-23 07:46 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-23 07:33 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-23 07:29 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-23 07:29 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-23 07:27 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-23 07:27 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-23 07:27 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-22 18:41 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-22 18:41 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-22 18:41 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-22 18:41 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-22 18:41 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-22 18:41 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-22 18:41 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-22 18:41 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-22 18:41 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-22 18:41 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-22 18:41 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-22 18:41 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-22 18:41 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-22 18:41 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-22 18:41 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-22 18:41 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-22 18:41 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-22 18:41 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-22 18:41 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-22 18:41 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-22 18:41 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-22 18:41 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-06 11:55 - 2015-04-06 11:55 - 00139504 _____ () C:\Windows\Minidump\Mini040615-01.dmp
2015-04-05 18:53 - 2015-05-01 13:06 - 00000000 ____D () C:\Users\*****-*****\Documents\Citavi 3

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-02 21:52 - 2008-02-16 15:49 - 00002631 _____ () C:\Users\*****-*****\Desktop\Microsoft Office Word 2007.lnk
2015-05-02 21:40 - 2008-02-06 15:54 - 01774589 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 21:33 - 2011-01-02 18:31 - 00198070 _____ () C:\ProgramData\lxeascan.log
2015-05-02 21:33 - 2008-02-06 17:25 - 00252513 _____ () C:\Users\*****-*****\AppData\Roaming\nvModes.001
2015-05-02 21:31 - 2013-07-13 11:20 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7faa4579dfd0.job
2015-05-02 21:29 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-02 21:29 - 2006-11-02 14:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 21:29 - 2006-11-02 14:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 21:28 - 2007-07-20 16:28 - 01748782 _____ () C:\Windows\PFRO.log
2015-05-02 21:27 - 2007-07-20 15:34 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-05-02 21:27 - 2006-11-02 15:01 - 00032612 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-02 21:18 - 2009-07-22 13:50 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-02 12:35 - 2011-08-30 06:40 - 00001052 _____ () C:\Windows\Tasks\Google Software Updater.job
2015-05-02 12:27 - 2006-11-02 12:33 - 01623482 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-01 21:28 - 2008-02-06 17:25 - 00252513 _____ ()
C:\Users\*****-*****\AppData\Roaming\nvModes.dat 2015-04-30 18:10 - 2007-07-20 15:51 - 00805926 _____ () C:\Windows\DPINST.LOG 2015-04-30 18:08 - 2007-07-20 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2015-04-30 18:07 - 2007-07-20 16:01 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2015-04-29 18:32 - 2011-06-30 12:07 - 00001356 _____ () C:\Users\*****-*****\AppData\Local\d3d9caps.dat 2015-04-27 20:10 - 2015-03-21 22:03 - 00074678 _____ () C:\Users\*****-*****\Downloads\Addition.txt 2015-04-27 19:59 - 2015-03-21 21:54 - 01140736 _____ (Farbar) C:\Users\*****-*****\Downloads\FRST.exe 2015-04-27 19:28 - 2008-02-06 17:25 - 00000000 ____D () C:\Users\*****-***** 2015-04-27 19:16 - 2015-03-22 20:21 - 00000343 _____ () C:\Users\*****-*****\Desktop\mbam.txt 2015-04-27 17:58 - 2010-01-02 11:33 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2015-04-26 20:22 - 2008-02-10 12:56 - 00000000 ____D () C:\Users\*****-*****\AppData\Roaming\Skype 2015-04-24 19:37 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini 2015-04-23 17:03 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-04-23 07:46 - 2013-07-26 09:36 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-23 07:34 - 2006-11-02 12:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-04-23 07:33 - 2007-07-20 17:22 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-04-10 19:16 - 2008-02-16 15:49 - 00002673 _____ () C:\Users\*****-*****\Desktop\Microsoft Office PowerPoint 2007.lnk 2015-04-08 10:18 - 2015-02-21 14:06 - 00000000 ____D () C:\Users\*****-*****\AppData\Roaming\Avira 2015-04-08 10:07 - 2015-02-21 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-04-08 10:04 - 2012-04-26 06:31 - 00000000 ____D () C:\ProgramData\Avira 2015-04-06 12:54 - 2013-07-25 23:43 - 00000000 ____D () C:\ProgramData\Netzmanager 2015-04-06 12:54 - 2013-06-21 14:43 - 00000000 
____D () C:\ProgramData\McAfee Security Scan 2015-04-06 12:54 - 2012-06-24 11:07 - 00000000 ____D () C:\Users\*****-*****\AppData\Local\Akamai 2015-04-06 12:54 - 2012-05-23 07:59 - 00000000 ____D () C:\Users\*****-***** 2 2015-04-06 12:54 - 2011-05-25 13:59 - 00000000 ____D () C:\ProgramData\Ulead Systems 2015-04-06 12:54 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool 2015-04-06 12:54 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc 2015-04-06 12:54 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration 2015-04-06 12:54 - 2006-11-02 12:22 - 66846720 _____ () C:\Windows\system32\config\software_previous 2015-04-06 12:54 - 2006-11-02 12:22 - 52166656 _____ () C:\Windows\system32\config\system_previous 2015-04-06 12:45 - 2006-11-02 12:22 - 49283072 _____ () C:\Windows\system32\config\components_previous 2015-04-06 12:45 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous 2015-04-06 11:55 - 2010-08-25 19:12 - 216125677 _____ () C:\Windows\MEMORY.DMP 2015-04-06 11:55 - 2008-05-16 22:19 - 00000000 ____D () C:\Windows\Minidump 2015-04-05 19:50 - 2006-11-02 12:22 - 00524288 _____ () C:\Windows\system32\config\default_previous 2015-04-05 19:49 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\security_previous ==================== Files in the root of some directories ======= 2012-05-23 07:59 - 2015-03-11 00:53 - 0043239 _____ () C:\Users\*****-***** 2\AppData\Roaming\nvModes.001 2012-05-23 07:59 - 2007-08-06 15:21 - 0042479 _____ () C:\Users\*****-***** 2\AppData\Roaming\nvModes.dat 2012-06-30 11:35 - 2012-06-30 11:35 - 0000022 ___SH () C:\Users\*****-***** 2\AppData\Roaming\Windows1569_SettingsRepository.bin 2012-05-23 07:59 - 2015-03-28 16:42 - 0002032 _____ () C:\Users\*****-***** 2\AppData\Local\d3d9caps.dat 2012-05-23 07:59 - 2007-08-06 15:06 - 0018944 _____ () C:\Users\*****-***** 2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-06-30 11:35 - 2012-06-30 11:35 - 0000000 
_____ () C:\Users\*****-***** 2\AppData\Local\jv16PT_temp.tmp
2008-02-21 12:45 - 2008-02-21 12:45 - 0000305 _____ () C:\ProgramData\addr_file.html
2009-02-05 22:42 - 2009-02-05 22:42 - 0000056 _____ () C:\ProgramData\ezsidmv.dat
2011-01-02 18:39 - 2011-01-02 18:39 - 0000252 _____ () C:\ProgramData\FastPics.log
2011-03-01 17:18 - 2015-03-07 18:01 - 0045024 _____ () C:\ProgramData\lxea.log
2011-01-02 18:40 - 2011-01-02 18:42 - 0000438 _____ () C:\ProgramData\lxeaDiagnostics.log
2011-01-02 18:44 - 2011-06-02 10:10 - 0004439 _____ () C:\ProgramData\lxeaJSW.log
2011-01-02 18:31 - 2015-05-02 21:33 - 0198070 _____ () C:\ProgramData\lxeascan.log
2011-01-02 18:27 - 2011-01-02 18:27 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Some content of TEMP:
====================
C:\Users\*****-*****\AppData\Local\temp\avgnt.exe

Some zero byte size files/folders:
==========================
C:\Windows\System32\nsprs.dll
C:\Windows\System32\serauth1.dll
C:\Windows\System32\serauth2.dll
C:\Windows\System32\ssprs.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-02 21:36

==================== End Of Log ============================
--- --- --- |
02.05.2015, 20:57 | #70 |
| Caught a virus/viruses, e.g. SmartSaver
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-05-2015
Ran by *****-***** 2 at 2015-05-02 21:54:04
Running from c:\Users\*****-*****\Downloads\FRST-OlderVersion\FRST-OlderVersion\FRST-OlderVersion
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3850073437-3280287025-709413035-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3850073437-3280287025-709413035-1002 - Limited - Enabled)
Gast (S-1-5-21-3850073437-3280287025-709413035-501 - Limited - Disabled)
*****-***** (S-1-5-21-3850073437-3280287025-709413035-1000 - Limited - Enabled) => C:\Users\*****-*****
*****-***** 2 (S-1-5-21-3850073437-3280287025-709413035-1003 - Administrator - Enabled) => C:\Users\*****-***** 2

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Durchstarten mit Ponky - Deutsch 1+2" (HKLM\...\"Durchstarten mit Ponky - Deutsch 1+2") (Version: 2.00 - Engel Edition)
"Durchstarten mit Ponky - Mathe 1+2" (HKLM\...\"Durchstarten mit Ponky - Mathe 1+2") (Version: 2.00 - Engel Edition)
"Englisch in der Grundschule mit Ponky 1.+2. Kl." (HKLM\...\"Englisch in der Grundschule mit Ponky 1.+2.
Kl.") (Version: 2.00 - Engel Edition) "Ponky gezielt Deutsch 1+2" (HKLM\...\"Ponky gezielt Deutsch 1+2") (Version: 2.00 - Engel Edition) "Ponky gezielt Mathe 1+2" (HKLM\...\"Ponky gezielt Mathe 1+2") (Version: 2.00 - Engel Edition) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House) ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Media Player (HKLM\...\{95264530-5A22-8E7E-FE9D-D63A927BCAEA}) (Version: 1.7 - Adobe Systems Incorporated) Adobe Photoshop Elements 5.0 (HKLM\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems, Inc.) Adobe Premiere Elements 3.0.2 (HKLM\...\PremElem30) (Version: 3.0.2 - Ihr Firmenname) Adobe Premiere Elements 3.0.2 Templates (HKLM\...\{6EACDDF4-4220-49A3-9204-984C86852C3D}) (Version: 1.0.0 - Ihr Firmenname) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.) 
Akamai NetSession Interface (HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Akamai) (Version: - Akamai Technologies, Inc) All To WMA Converter 1.7 (HKLM\...\All To WMA Converter_is1) (Version: 1.7 - All To WMA Converter) Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ) Amazon Cloud Player (HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC) Any Video Converter 3.3.2 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Aquanuma (HKLM\...\Aquanuma_is1) (Version: - ) ArcSoft Magic-i Visual Effects Installer (HKLM\...\{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}) (Version: - ArcSoft) Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version: - ) AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - ) Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.20 - Avanquest Software) Avira (HKLM\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG) Avira (Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. 
KG) AviSynth 2.5 (HKLM\...\AviSynth) (Version: - ) Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter (HKLM\...\{EC37A846-53AC-4DA7-98FA-76A4E74AA900}) (Version: 2.3 - Sony Corporation) Benutzerhandbuch - Grundlagen EPSON SX430 Series (HKLM\...\EPSON SX430 Series Bog) (Version: - ) Benutzerhandbuch EPSON SX430 Series (HKLM\...\EPSON SX430 Series Useg) (Version: - ) Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - ) Camera RAW Plug-In for EPSON Creativity Suite (HKLM\...\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION) Citavi (HKLM\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.3.0.0 - Swiss Academic Software) Citavi 2.5 (HKLM\...\Citavi) (Version: 2.5.2.0 - Academic Software Zurich) Click to DVD 2.0.05 Menu Data (HKLM\...\{9E407618-D9CD-4F39-9490-9ED45294073D}) (Version: 2.0.05 - Sony Corporation) Click to DVD 2.6.00 (HKLM\...\{E809063C-51A3-4269-8984-D1EB742F2151}) (Version: 2.6.00 - Sony Corporation) ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) Denken und Rechnen 2 (HKLM\...\Denken und Rechnen 2) (Version: - ) DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) DisplayLink Core Software (HKLM\...\{156E1F8D-3555-42F5-8DEC-5E830AF46847}) (Version: 4.5.13507.0 - DisplayLink Corp.) DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.6.1 - DivX, Inc.) DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 6.5 - DivX, Inc.) DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.4.3 - DivXNetworks, Inc.) 
DivxToDVD 0.5.2b (HKLM\...\VSO DivxToDVD_is1) (Version: 0.5.2b - VSO-Software SARL) DSD Direct (HKLM\...\{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}) (Version: 2.0.01 - Sony Corporation) DSD Direct Player (HKLM\...\{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}) (Version: 1.0 - Sony Corporation) DSD Playback Plug-in (HKLM\...\{009E7FB7-1775-4D89-8956-F5C9A1C019FC}) (Version: 1.1 - Sony Corporation) EPSON Attach To Email (HKLM\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) EPSON Attach To Email (Version: 1.01.0000 - SEIKO EPSON) Hidden EPSON Copy Utility 3 (HKLM\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.3.0.0 - ) EPSON Easy Photo Print (HKLM\...\{3D78F2A2-C893-4ABD-B5FE-AD7011837755}) (Version: 1.5.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print 2 (HKLM\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION) EPSON File Manager (HKLM\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - ) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON Scan Assistant (HKLM\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - ) EPSON Stylus CX7300_CX8300_DX7400_DX8400 Handbuch (HKLM\...\EPSON Stylus CX7300_CX8300_DX7400_DX8400 Benutzerhandbuch) (Version: - ) EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version: - SEIKO EPSON Corporation) EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION) ffdshow [rev 2844] [2009-03-30] (HKLM\...\ffdshow_is1) (Version: 1.0 - ) Firebird SQL Server - MAGIX Edition 
(HKLM\...\Firebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG) flatster (HKLM\...\{0ADF1B89-17EA-489C-86DF-6E33DA8520A6}_is1) (Version: 1.5 - flatster GmbH) Free FLV Converter V 6.4.1 (HKLM\...\Free FLV Converter_is1) (Version: - Koyote Soft) Free Mp3 Wma Converter V 1.9 (HKLM\...\Free Mp3 Wma Converter_is1) (Version: 1.9.0.0 - Koyote Soft) Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) Free YouTube Download version 3.0.20.1228 (HKLM\...\Free YouTube Download_is1) (Version: - DVDVideoSoft Ltd.) Freemake Video Converter Version 3.0.1 (HKLM\...\Freemake Video Converter_is1) (Version: 3.0.1 - Ellora Assets Corporation) Furnish Pro (HKLM\...\Furnish Pro) (Version: - ) GearDrvs (Version: 1 - Symantec Corporation) Hidden Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk (remove only) (HKLM\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - ) Google Talk (remove only) (HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - ) Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.) HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version: - ) honestech VHS to DVD 2.0 SE (HKLM\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech) IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp) ICQ7.2 (HKLM\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ) Iminent (Version: 5.26.21.0 - Iminent) Hidden <==== ATTENTION InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) 
Hidden Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) jv16 PowerTools 2012 (HKLM\...\jv16 PowerTools 2011) (Version: - Macecraft Software) Lexmark S300-S400 Series (HKLM\...\Lexmark S300-S400 Series) (Version: - Lexmark International, Inc.) Lexmark Tools for Office (HKLM\...\{10812DE7-2E57-4740-B226-6B3BE34AF9D7}) (Version: 1.29.0.0 - ) Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..) Logitech Webcam Software (HKLM\...\{AC96671C-2001-432C-9826-5266D84EF1DC}) (Version: 12.00.1280 - Logitech Inc.) Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.0) (Version: 12.0.1278 - Logitech Inc.) Löwenzahn und Pusteblume (HKLM\...\{C538AA5E-2F9C-48DC-AD5C-B21CE34EA10B}) (Version: 1.0.0 - *) MAGIX Online Druck Service 2.3.2.0 (D) (HKLM\...\MAGIX Online Druck Service D) (Version: 2.3.2.0 - MAGIX AG) MAGIX PC Visit (HKLM\...\MAGIX PC Visit D) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Video deluxe 2008 Trial 7.5.1.6 (D) (HKLM\...\MAGIX Video deluxe 2008 Trial D) (Version: 7.5.1.6 - MAGIX AG) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MAXQDA 10 (R250412) (HKLM\...\MAXQDA10) (Version: (R250412) - VERBI Software.Consult.Sozialforschung GmbH) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Medion GoPal Assistant 4.01.012 (HKLM\...\Medion GoPal Assistant) (Version: 4.1.12.0 - Medion) Meine ersten Wörter (HKLM\...\it.clementoni.SapPrimeParoleDE.290A939A40FB4C06653AD1460C6BEBD4C065087B.1) (Version: 1.0 - Clementoni S.p.A.) Meine ersten Wörter (Version: 1.0 - Clementoni S.p.A.) 
Hidden Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - ) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft 
Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft) Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) 
Moonlight MPEG-2 Decoder Pack (HKLM\...\Moonlight MPEG-2 Decoder Pack 2.1.4316) (Version: 2.1.4316 - Moonlight Cordless) Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Musik & Audio Restaurator Pro 5.0 (HKLM\...\Musik & Audio Restaurator Pro 5_is1) (Version: 5.0 - Softfeld) Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.11100.8.0 - Nero AG) Netzmanager (HKLM\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG) Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden Netzwerkhandbuch EPSON SX430 Series (HKLM\...\EPSON SX430 Series Netg) (Version: - ) Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - ) Norton 360 (Version: 1.2.0.10 - Symantec Corporation) Hidden Notebook BatteryInfo 1.3 (HKLM\...\BatteryInfo_Suite) (Version: 1.3 - Thomas Michel) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - ) OpenMG Limited Patch 4.7-07-15-19-01 (HKLM\...\OpenMG HotFix4.7-07-13-22-01) (Version: - ) OpenMG Secure Module 4.7.00 (HKLM\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation) OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140 - Sony Corporation) Hidden 
OpenOffice.org 3.2 (HKLM\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org) PDF24 Creator 5.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Photo Viewer V2.4 (HKLM\...\Photo Viewer) (Version: - ) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) Pixie 1.4.1 (HKLM\...\Pixie_is1) (Version: 1.4.1 - Pixie Developers) QuickTime (HKLM\...\{5B09BD67-4C99-46A1-8161-B7208CE18121}) (Version: 7.3.0.70 - Apple Inc.) Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version: - ) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Rossmann Fotowelt Software 4.12.1 (HKLM\...\Rossmann Fotowelt Software) (Version: 4.12.1 - ORWO Net) Rossmann Online Print Wizard Installer 1.0 (HKLM\...\Rossmannr Online Print Wizard Installer_is1) (Version: - ) Roxio Easy Media Creator Home (HKLM\...\{B7FB0C86-41A4-4402-9A33-912C462042A0}) (Version: 9.0.178 - Roxio) Scan2PDF 1.6 (HKLM\...\Scan2PDF_is1) (Version: - Koma-Code) Secunia PSI (2.0.0.4002) (HKLM\...\Secunia PSI) (Version: - ) Secure Eraser (HKLM\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH) Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 3.0.00.07120 - Sony Corporation) SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5102.0 - SigmaTel) Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
SNAPFISH (HKLM\...\SNAPFISH) (Version: - ) Snoopy 1.0 (HKLM\...\Snoopy_is1) (Version: - ) SonicStage Mastering Studio (HKLM\...\{6332AFF1-9D9A-429C-AA03-F82749FA4F49}) (Version: 2.3.01 - Sony Corporation) SonicStage Mastering Studio (Version: 2.3.01 - Sony Corporation) Hidden SonicStage Mastering Studio Audio Filter (HKLM\...\{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}) (Version: 2.3.01 - Sony Corporation) SonicStage Mastering Studio Plugins (HKLM\...\{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}) (Version: 2.4 - Sony Corporation) Sony Ericsson Media Manager 1.1 (HKLM\...\{7E910FDA-CBBE-4451-8728-235E6A4DE162}) (Version: 1.1.550 - Sony Ericsson) Sony Ericsson PC Suite 6.009.00 (HKLM\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.009.00 - Sony Ericsson) Sony PC Companion 2.10.259 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony) Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 2.1.00.04170 - Sony Corporation) Sony USB Driver (HKLM\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: 2.00 - Sony Corporation) SONY VGP-UPR1 (Display Adapter) (HKLM\...\{94FBC09C-6F39-4B36-B9DE-66374A6FAAD2}) (Version: 4.5.13507.0 - Sony Corporation) Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.2.00 - Sony Corporation) SpongeBob Schwammkopf - Der Film (HKLM\...\{E81A7285-8CA6-4430-B6C0-5F719E4D40D9}) (Version: 1.0 - ) SPSS 15.0 für Windows [Auswertung Version] (HKLM\...\{6D9B9CF3-1E9C-45B6-B41E-5CF568605556}) (Version: 15.0.1 - SPSS Inc.) 
Super Mario PC Fun 2 (HKLM\...\Super Mario PC Fun 2) (Version: - ) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1148 - SUPERAntiSpyware.com) Supreme Auction (HKLM\...\Supreme Auction_is1) (Version: - ) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - ) TMPGEnc 4.0 XPress Testversion (HKLM\...\{ECEF8EDE-0421-4E67-9264-5E84F26D4F55}) (Version: 4.7.2.285 - Pegasys Inc,) Ulead VideoStudio SE DVD (HKLM\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems) Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - ) Unity Web Player (HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) USB2.0 ATV (HKLM\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus) USB2.0 Capture Device (HKLM\...\{E337B156-DF81-48D8-8977-B1574EE87BCF}) (Version: 1.0.3.0 - ) VAIO Aqua Breeze Wallpaper (HKLM\...\{97BCD719-6ECB-458F-97D6-F38D2E07375E}) (Version: 1.0.11.13240 - Sony Corporation) VAIO Camera Capture Utility (HKLM\...\{6D2576EC-A0E9-418A-A09A-409933A3B6F4}) (Version: 2.7.01.08030 - Sony Corporation) VAIO Content Folder Setting (HKLM\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) 
(Version: 1.1.02.11070 - Sony Corporation) VAIO Content Importer VAIO Content Exporter (Version: 1.2.00.06270 - Sony Corporation) Hidden VAIO Content Importer / VAIO Content Exporter (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.00.06270 - Sony Corporation) VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}) (Version: 2.0.01.07051 - Sony Corporation) VAIO Content Metadata Intelligent Analyzing Manager (Version: 2.0.01.07051 - Sony Corporation) Hidden VAIO Content Metadata Manager Setting (HKLM\...\{69351E9E-23ED-41D5-B146-EDBF83C63B66}) (Version: 2.0.01.07041 - Sony Corporation) VAIO Content Metadata Manager Setting (Version: 2.0.01.07041 - Sony Corporation) Hidden VAIO Content Metadata XML Interface Library (HKLM\...\{B5E2DF30-1061-4DB4-AF28-08996C8E5680}) (Version: 2.1.01.10292 - Sony Corporation) VAIO Content Metadata XML Interface Library (Version: 2.1.01.10292 - Sony Corporation) Hidden VAIO Control Center (HKLM\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 2.1.00.07110 - Sony Corporation) VAIO Cozy Orange Wallpaper (HKLM\...\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}) (Version: 1.0.11.13240 - Sony Corporation) VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.02.06190 - Sony Corporation) VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.0.00.06280 - Sony Corporation) VAIO Event Service (HKLM\...\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}) (Version: 3.2.00.07120 - Sony Corporation) VAIO Launcher (HKLM\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 1.0.00.07090 - Sony Corporation) VAIO Media (Version: 6.0.10 - Sony Corporation) Hidden VAIO Media 6.0 (HKLM\...\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}) (Version: 6.0.10 - Sony Corporation) VAIO Media AC3 Decoder 1.0 (HKLM\...\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}) (Version: - ) VAIO Media Content Collection 6.0 (HKLM\...\{500162A0-4DD5-460A-BAFD-895AAE48C532}) 
(Version: - Sony Corporation) VAIO Media Integrated Server 6.1 (HKLM\...\{785EB1D4-ECEC-4195-99B4-73C47E187721}) (Version: - Sony Corporation) VAIO Media Redistribution 6.0 (HKLM\...\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}) (Version: 6.0.10 - Sony Corporation) VAIO Media Registration Tool (Version: 6.0.10 - Sony Corporation) Hidden VAIO Media Registration Tool 6.0 (HKLM\...\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}) (Version: 6.0.10 - Sony Corporation) VAIO Movie Story (HKLM\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.0.00.18280 - Sony Corporation) VAIO Movie Story (Version: 1.0.00.18280 - Sony Corporation) Hidden VAIO Movie Story Template Data (HKLM\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.0.00.18280 - Sony Corporation) VAIO MusicBox (HKLM\...\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}) (Version: 1.1.02.12100 - Sony Corporation) VAIO MusicBox Sample Music (HKLM\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.0.00.07030 - Sony Corporation) VAIO Original Function Setting (HKLM\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 1.4.00.03240 - Sony Corporation) VAIO Original Screen Saver (HKLM\...\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}) (Version: - ) VAIO Power Management (HKLM\...\{802889F8-6AF5-45A5-9764-CA5B999E50FC}) (Version: 2.2.00.06130 - Sony Corporation) VAIO Tender Green Wallpaper (HKLM\...\{934A3213-1CB6-4264-84A2-EE080C017BCA}) (Version: 1.0.11.10180 - Sony Corporation) VAIO Update 3 (HKLM\...\{48820099-ED7D-424B-890C-9A82EF00656D}) (Version: 3.0.02.05280 - Sony Corporation) VAIO Xblack Contents (HKLM\...\VAIO Xblack Contents) (Version: 1.0.0.0-ENU - ) WDR RadioRecorder (HKLM\...\Tobit Radio.fx Server 1) (Version: - Tobit.Software) WIDCOMM Bluetooth Software 6.1.0.1203 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.1.0.1203 - Broadcom Corporation) Windows Live Anmelde-Assistent (HKLM\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation) Windows Live Essentials 
(HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinDVD BD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B8.385 - InterVideo Inc.) WinDVD BD for VAIO (Version: 8.0-B8.385 - InterVideo Inc.) Hidden Wireless Switch Setting Utility (HKLM\...\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}) (Version: 3.6.00.18210 - Sony Corporation) WMA MP3 Converter v4.0 build 1217 (HKLM\...\{314AD191-596F-40C0-ACED-3AD78C9649F1}_is1) (Version: - Hoo Technologies) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Users\*****-*****\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Users\*****-*****\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: 
HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\*****-*****\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\*****-~1\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe (the data entry has 7 more characters). CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{7F902AD4-FC6A-4B2F-8B8D-B6DD4E329B76}\InprocServer32 -> C:\Users\*****-~1\AppData\Local\ASKTOO~1\DOWNLO~1\AVIRAW~1.DLL No File CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{9E385F0A-0BA2-430C-96AA-4399C5E40F6C}\localserver32 -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Users\*****-*****\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Users\*****-*****\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) CustomCLSID: 
HKU\S-1-5-21-3850073437-3280287025-709413035-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1003_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1003_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1003_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\*****-~2\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe (the data entry has 7 more characters). CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1003_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google) CustomCLSID: HKU\S-1-5-21-3850073437-3280287025-709413035-1003_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Program Files\Google\Google Talk\googletalk.exe (Google) ==================== Restore Points ========================= 25-04-2015 10:18:36 Uniblue PC Mechanic installation 26-04-2015 10:38:01 Geplanter Prüfpunkt 27-04-2015 21:13:00 Geplanter Prüfpunkt 28-04-2015 17:59:42 Windows Update 30-04-2015 18:10:01 Sony Ericsson PC Suite Drivers 01-05-2015 18:09:59 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 12:23 - 2015-03-13 23:39 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {12385836-CA2D-47B9-A214-9F8B297A3DBA} - System32\Tasks\{95687664-AA78-4FC4-BAC4-858ABB1C0B69} => pcalua.exe -a C:\Users\*****-*****\Downloads\VirtualDubMod_1_5_10_2_All_inclusive\AuxSetup.exe -d C:\Users\*****-*****\Downloads\VirtualDubMod_1_5_10_2_All_inclusive Task: {1B4E5659-7DEF-46F9-A0BC-0E6629830B41} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control Task: {1CE03B89-7F38-4BA1-A41C-4D8B07DAAE41} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe [2007-05-31] (Sony Corporation) Task: {1E6473EE-BE0D-4AF2-B139-363A948E362C} - System32\Tasks\{C1EA93FA-188F-4DB9-B64E-36A773014422} => pcalua.exe -a "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma.cpl" -c Adobe Gamma Task: {28E5CD67-956D-4936-A294-4AD90DDAE715} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.) Task: {51B468D0-8CEB-4BAE-AEA3-4EC761479B8B} - System32\Tasks\{9830AF16-9482-400B-9E1B-868E8CD8C205} => pcalua.exe -a "C:\Users\*****-*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZU0076JS\SOACCU-01363007-UN[1].exe" -d C:\Users\*****-***** Task: {598F4D5D-0AAD-4486-9371-BD27A5EA6A80} - System32\Tasks\MCVSurveyReminder4 => reminder.exe Task: {5DBB8895-2BE0-4495-A797-6009C173A108} - System32\Tasks\{1BF2E65A-1E39-4F45-92FD-E0EF4012BE8A} => pcalua.exe -a C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe -c /M{430CADFA-CCEB-456D-9994-D9113F731644} Task: {68F11EF1-2EA3-462C-A57B-420826834205} - System32\Tasks\{7AC43103-A4AE-481B-B197-07B3C364EB4B} => pcalua.exe -a C:\Users\*****-*****\Downloads\NVDVID-01587600-UN.exe -d "C:\Program Files\Mozilla Firefox" Task: {7786971E-B57F-40FD-8139-281ABE1BD89E} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-16] (Google) Task: {8D109C3F-BFE7-40B0-B4E9-82D5B9DA3818} - 
System32\Tasks\{321F8462-3D73-467E-B9DC-B1D0A64C03FE} => Firefox.exe hxxp://ui.skype.com/ui/0/6.21.81.104/de/go/help.faq.installer?LastError=1618 Task: {9A0019CE-C77A-41B4-878B-F564DE55AD98} - System32\Tasks\GoogleUpdateTaskMachineCore1ce7faa4579dfd0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.) Task: {AF83CA38-58CE-4610-AFCA-459F88C6E38C} - System32\Tasks\MCVSurveyReminder3 => reminder.exe Task: {BA9261A1-C464-4A08-B582-499B88C325EA} - System32\Tasks\{ABFA890E-19B0-46D9-A582-058578BB8F65} => pcalua.exe -a "C:\Program Files\Trojancheck 6\unins000.exe" -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojancheck 6" Task: {C03FCD7A-F17A-4C30-B194-412D951E162D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.) Task: {D3F07B14-4D25-435A-9FF1-A3665E731F9F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {E9A76A05-BDA6-4AB7-BAB0-45196D6AE30D} - System32\Tasks\MCVSurveyReminder1 => reminder.exe Task: {EE04CFD9-B911-4ABA-B2D4-A1B0E90A25A4} - System32\Tasks\{A1EBE010-6567-4A23-BD72-27B12BE82F06} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar Task: {FB47635A-451D-40A8-B9D8-5AAFECC166EC} - System32\Tasks\SONY\WSSU\WSSU => C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [2007-06-15] (Sony Corporation) Task: {FDC62037-CCDD-4758-9FF0-949A973B0161} - System32\Tasks\MCVSurveyReminder2 => reminder.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7faa4579dfd0.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2011-01-02 18:36 - 2009-11-04 13:14 - 00157696 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\lxeadrpp.dll 2006-12-22 08:31 - 2006-12-22 08:31 - 00108712 _____ () C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe 2010-10-19 09:31 - 2010-10-19 09:31 - 00159744 _____ () C:\Program Files\Netzmanager\NMInfraIS2\driver\SoftplugLib.dll 2014-11-28 18:56 - 2011-11-18 15:51 - 03673944 _____ () C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe 2007-07-20 17:37 - 2007-07-12 08:33 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll 2007-07-20 17:37 - 2007-07-12 08:33 - 00009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll 2015-03-21 21:19 - 2012-09-07 17:57 - 00452592 _____ () C:\Program Files\ASCOMP Software\Secure Eraser\SecEraser32.dll 2002-11-27 18:25 - 2002-11-27 18:25 - 00049152 _____ () C:\Program Files\LitexMedia\All To WMA Converter\WMAShellExt.dll 2007-06-22 10:49 - 2007-06-22 10:49 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll 2011-01-02 18:29 - 2010-01-18 19:27 - 00770728 _____ () C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe 2011-01-02 18:29 - 2009-12-16 19:04 - 00389120 _____ () C:\Program Files\Lexmark S300-S400 Series\lxeascw.dll 2011-01-02 18:31 - 2009-05-27 14:16 - 00192512 _____ () C:\Windows\system32\spool\drivers\w32x86\3\lxeadatr.dll 2011-01-02 18:29 - 2009-12-16 19:07 - 01159168 _____ () C:\Program Files\Lexmark S300-S400 Series\lxeaDRS.dll 2011-01-02 18:29 - 2009-03-10 07:43 - 00155648 _____ () C:\Program Files\Lexmark S300-S400 
Series\lxeacaps.dll 2011-01-02 18:27 - 2009-02-20 10:48 - 00299008 _____ () C:\Windows\system32\lxeasm.dll 2011-01-02 18:27 - 2009-04-28 09:56 - 00024064 _____ () C:\Windows\system32\lxeasmr.dll 2011-01-02 18:28 - 2010-01-18 19:27 - 00139944 _____ () C:\Program Files\Lexmark S300-S400 Series\ezprint.exe 2011-01-02 18:28 - 2009-03-30 14:37 - 00708608 _____ () C:\Program Files\Lexmark S300-S400 Series\Epwizard.DLL 2011-01-02 18:28 - 2009-03-30 14:35 - 00159744 _____ () C:\Program Files\Lexmark S300-S400 Series\customui.dll 2011-01-02 18:28 - 2009-03-30 14:35 - 00118784 _____ () C:\Program Files\Lexmark S300-S400 Series\Eputil.DLL 2011-01-02 18:28 - 2009-03-30 14:35 - 00139264 _____ () C:\Program Files\Lexmark S300-S400 Series\Imagutil.DLL 2011-01-02 18:28 - 2009-03-30 14:35 - 00061440 _____ () C:\Program Files\Lexmark S300-S400 Series\Epfunct.DLL 2011-01-02 18:29 - 2009-06-23 13:09 - 02203648 _____ () C:\Program Files\Lexmark S300-S400 Series\EPWizRes.dll 2011-01-02 18:29 - 2009-06-23 13:10 - 00045056 _____ () C:\Program Files\Lexmark S300-S400 Series\epstring.dll 2011-01-02 18:29 - 2009-06-23 13:11 - 00102400 _____ () C:\Program Files\Lexmark S300-S400 Series\EPOEMDll.dll 2011-01-02 18:28 - 2009-04-07 21:25 - 00409600 _____ () C:\Program Files\Lexmark S300-S400 Series\iptk.dll 2011-01-02 18:29 - 2009-03-02 16:25 - 00151552 _____ () C:\Program Files\Lexmark S300-S400 Series\lxeaptp.dll 2012-03-20 20:44 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll 2012-03-20 20:44 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll 2011-07-07 15:54 - 2011-07-07 15:54 - 00233984 _____ () C:\Program Files\Sony\Sony PC Companion\Report.dll 2011-11-01 20:32 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files\Sony\Sony PC Companion\sqlite3.dll 2012-03-20 20:44 - 2010-01-11 16:44 - 00053248 _____ () C:\Program Files\Sony\Sony PC Companion\VObject.dll 2012-01-27 12:02 - 2012-01-27 12:02 - 00569344 
_____ () C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll 2012-05-15 20:42 - 2012-05-15 20:42 - 00052224 _____ () C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll 2012-05-15 20:42 - 2015-05-02 21:34 - 00065024 _____ () C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll 2012-05-15 20:42 - 2015-05-02 21:34 - 00052736 _____ () C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll 2012-05-15 20:42 - 2012-05-15 20:42 - 00117760 _____ () C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2014-05-16 15:38 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\*****-*****\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe 2007-06-22 10:34 - 2007-06-22 10:34 - 00389120 _____ () C:\Windows\system32\btwhidcs.DLL 2012-03-20 20:44 - 2014-06-23 09:07 - 00113376 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe 2010-05-04 16:36 - 2010-05-04 16:36 - 00970752 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3850073437-3280287025-709413035-1000\...\intervideo.com -> www.intervideo.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) 
HKU\S-1-5-21-3850073437-3280287025-709413035-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img19.jpg HKU\S-1-5-21-3850073437-3280287025-709413035-1003\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: FirebirdServerMAGIXInstance => 3 MSCONFIG\Services: FLEXnet Licensing Service => 3 MSCONFIG\Services: GoogleDesktopManager-051210-111108 => 3 MSCONFIG\Services: gupdate1ca0ac0f00c0a80 => 2 MSCONFIG\Services: OMSI download service => 2 MSCONFIG\Services: PACSPTISVR => 3 MSCONFIG\Services: SBSDWSCService => 2 MSCONFIG\Services: sdAuxService => 2 MSCONFIG\Services: sdCoreService => 2 MSCONFIG\startupfolder: C:^Users^*****-*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupfolder: C:^Users^*****-*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Medien-Prüfung.lnk => C:\Windows\pss\Picture Motion Browser Medien-Prüfung.lnk.Startup MSCONFIG\startupreg: Apoint => C:\Program Files\Apoint\Apoint.exe MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup MSCONFIG\startupreg: googletalk => C:\Program Files\Google\Google Talk\googletalk.exe /autostart MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: TrayServer => C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe ==================== FirewallRules (whitelisted) =============== (If an 
entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [TCP Query User{3B5F652A-2913-4AA5-B3B0-E5CC4BBA9F70}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{A36CB363-2FF8-4903-8A7C-C02CE966C1F1}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [TCP Query User{E80BA0B8-D827-458C-8FD9-2D631C0FFD53}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{23E3452E-7136-4515-9716-FDED0157294D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{B1A8B887-4149-4978-8C22-5B4E4EF82C9D}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe FirewallRules: [{CD94BE39-19A6-4FBE-9FB5-AEA69041C4CA}] => (Allow) C:\Program Files\Google\Google Talk\googletalk.exe FirewallRules: [TCP Query User{5E869D36-5320-423E-9517-9CE576D8EE6E}C:\program files\icq6\icq.exe] => (Allow) C:\program files\icq6\icq.exe FirewallRules: [UDP Query User{7272C993-B27A-4643-A1FA-239F96ABF88A}C:\program files\icq6\icq.exe] => (Allow) C:\program files\icq6\icq.exe FirewallRules: [{2F76F63C-3E81-46B8-A40F-C090250E5121}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: 
[{7B883190-8DCA-48D9-BF04-B6436BF2D68F}] => (Allow) C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe FirewallRules: [{582A7AD1-45D1-41F9-BC17-967E429CAD2B}] => (Allow) C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe FirewallRules: [TCP Query User{979E4801-5A3C-4C83-BEC9-282B531A3BCA}C:\program files\icq6.5\icq.exe] => (Block) C:\program files\icq6.5\icq.exe FirewallRules: [UDP Query User{88714FC2-53DC-4290-83FA-FC17966E8607}C:\program files\icq6.5\icq.exe] => (Block) C:\program files\icq6.5\icq.exe FirewallRules: [{4C069130-9D72-4690-ABAD-59264BEBDE46}] => (Allow) C:\Program Files\Logitech\Logitech Vid\Vid.exe FirewallRules: [{55DD818E-E59D-4D8F-A931-8186811C12FA}] => (Allow) C:\Program Files\Logitech\Logitech Vid\Vid.exe FirewallRules: [{E7F71EDC-C852-482E-A9B3-C7FF11DCA41C}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{976B6ED5-5F4A-49F7-B6EF-EE60BE4C79EC}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{62D57FE4-9C0D-4B5A-AEA3-9DEECCCD2DD5}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{975D58E6-48F6-44F5-88EF-C500CF0B31CB}] => (Allow) C:\Program Files\ICQ7.2\ICQ.exe FirewallRules: [{0E545E18-1A24-4409-81B0-C5323F823E18}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{D6E42861-8F37-4A0E-A7F6-5B974FD73C18}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{5313CBFB-A857-44D6-9D0A-49542EDBFA07}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [{9C3F0B2E-5001-4202-AF2C-9766A24078B5}] => (Allow) C:\Program Files\ICQ7.2\aolload.exe FirewallRules: [TCP Query User{51A1958F-15D5-4163-836D-24DD28F87BDA}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [UDP Query User{77C0DF32-131E-4C60-A2A9-4407B44931DA}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe 
FirewallRules: [{54386AB4-35A0-41A9-AC43-3F393890E8C5}] => (Allow) C:\Users\*****-*****\Downloads\SweetImSetup(2).exe FirewallRules: [{C1AF6C87-ADE7-4F01-B286-182C3B27031C}] => (Allow) C:\Users\*****-*****\Downloads\SweetImSetup(2).exe FirewallRules: [{19F499D9-E22F-4B7B-A625-2536A4161B5D}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{5E615F98-E78C-4F14-B759-A062E0E5A7E3}] => (Allow) svchost.exe FirewallRules: [{1A45F8CA-5A2B-45D0-A425-5E56F27CB0C6}] => (Allow) C:\Windows\system32\lxeacoms.exe FirewallRules: [{F893CABE-D527-44E0-AD3B-4B58AAA1E35F}] => (Allow) C:\Windows\system32\LXEAcoms.exe FirewallRules: [{2FA57709-F8ED-4E11-9026-1A8D6C5587D2}] => (Allow) C:\Windows\system32\LXEAcoms.exe FirewallRules: [{86CA48FB-F57A-4219-8856-305C1A74FD07}] => (Allow) C:\Windows\system32\LXEAcoms.exe FirewallRules: [{923D2D0D-2946-49A1-B658-29E21F747F8E}] => (Allow) LPort=80 FirewallRules: [{165A8488-4303-4BF4-8B78-5F1292778B64}] => (Allow) LPort=80 FirewallRules: [{CE82E6BD-BEE2-4A92-BE44-91249CEE4865}] => (Allow) LPort=80 FirewallRules: [TCP Query User{E1B1D6BA-97D1-428C-8D6F-4BF2877C9B25}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{B7526044-05C8-4C49-964A-6EC5237DA87B}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{0CA17F66-DBB8-4BB7-AF9C-FA8F4EBC634F}C:\program files\logitech\vid hd\vid.exe] => (Block) C:\program files\logitech\vid hd\vid.exe FirewallRules: [UDP Query User{156CD726-4881-4067-B22F-EFA8889397A4}C:\program files\logitech\vid hd\vid.exe] => (Block) C:\program files\logitech\vid hd\vid.exe FirewallRules: [{16642D4E-0A46-4768-AB55-F971CE044475}] => (Allow) C:\Users\*****-*****\Downloads\Facemoods.exe FirewallRules: [{DA4DB6A1-FB7B-40AC-B99A-CA71037185C7}] => (Allow) C:\Users\*****-*****\Downloads\Facemoods.exe 
FirewallRules: [{7DFBF625-08A6-482F-BBED-1F7D8A225DCF}] => (Allow) C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{6658554D-038D-45BD-B83D-712744C6681F}] => (Allow) C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe FirewallRules: [{CD4CF5F6-A738-48D1-9197-ACCB676AC8B0}] => (Allow) F:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{B6400087-61E2-48E7-A628-2428D77210A7}] => (Allow) F:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [TCP Query User{3A4DF019-0634-481F-A9A2-10FE650CFC10}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{6C32446C-F773-4F95-BB11-489C4328A2D6}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{E8F0CD5E-56CF-412D-ABC6-AB8AE51DDDB2}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{02802447-B624-4CD1-94AB-56D1F8911D0A}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [{AB520453-681B-4C74-A0D1-C14D9C45364D}] => (Allow) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe FirewallRules: [{F32889DA-746A-4104-9EF4-0B494E4CE06B}] => (Allow) C:\Users\*****-*****\AppData\Local\Akamai\netsession_win.exe FirewallRules: [TCP Query User{5CD138C6-6F08-4D37-8B0E-21BC1778CFA0}C:\users\*****-*****\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\*****-*****\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{583F07B1-2C96-4C1C-991F-A64EDD56D7A8}C:\users\*****-*****\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\*****-*****\appdata\local\akamai\netsession_win.exe 
FirewallRules: [{B4196523-6227-4D9D-A336-BEFFFB00C074}] => (Allow) C:\Program Files\Iminent\Iminent.exe FirewallRules: [{9A384077-6EB8-4A1B-9527-0F82284AED5E}] => (Allow) C:\Program Files\Iminent\Iminent.Messengers.exe FirewallRules: [{840500EA-1B36-49F8-ADA1-72DF568513BE}] => (Allow) C:\Users\*****-***** 2\AppData\Local\temp\incredibar_installer.exe FirewallRules: [{8F9428E9-58F9-4111-A8D1-DD743E4D99BE}] => (Allow) C:\Users\*****-***** 2\AppData\Local\temp\incredibar_installer.exe FirewallRules: [{E31B7123-C67D-4429-8454-8B78998A650D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com FirewallRules: [{0C8AC61D-91C4-4850-8976-4F6D6AE16C88}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe FirewallRules: [{EACCA4A9-8378-42DB-A710-66EF61F99DF4}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe FirewallRules: [{E5892559-F382-4172-A6E5-5AE724BF8F70}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com FirewallRules: [{299E924D-BFDE-473E-A87E-ABE967C11DF3}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe FirewallRules: [{5C89EA99-D2E8-4781-8B6E-25BD47198E52}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe FirewallRules: [TCP Query User{2F219C78-FFFD-48C4-BD02-3808C8B52B6C}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe FirewallRules: [UDP Query User{18F63728-CE3A-4BDA-A23B-CCADE5A22D47}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe FirewallRules: [{1FD3EA95-53CB-4DAB-9529-2F6D44F51E50}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query User{7B048147-BBF8-477D-BB55-C179514AAE1C}C:\program files\logitech\vid hd\vid.exe] => (Block) C:\program files\logitech\vid hd\vid.exe FirewallRules: [UDP Query User{CD09FD84-DFA0-4C0D-B682-28676FC5DD0F}C:\program files\logitech\vid hd\vid.exe] => 
(Block) C:\program files\logitech\vid hd\vid.exe FirewallRules: [{27DF86F7-0EFA-4AC5-80CF-59150145427F}] => (Allow) C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{1CA8A470-28FA-4CBF-8691-14E995457C68}] => (Allow) C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{C2E9A825-94BE-4DFF-8E8D-C3389A3B24BB}] => (Allow) C:\Program Files\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{A9DB86FF-43AF-41D5-BD16-8A25A84AE13D}] => (Allow) C:\Program Files\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [TCP Query User{A72AE89A-F6B7-4F79-B2C8-06F12EFFC27D}C:\users\*****-*****\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\*****-*****\appdata\local\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{00871E66-EC05-4BA8-93F3-340056C50437}C:\users\*****-*****\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\*****-*****\appdata\local\mozilla firefox\firefox.exe ==================== Faulty Device Manager Devices ============= Name: Intel(R) 82852/82855 GM/GME-Grafikcontroller (Microsoft Corporation - XDDM) Description: Intel(R) 82852/82855 GM/GME-Grafikcontroller (Microsoft Corporation - XDDM) Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: ialm Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/02/2015 09:45:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.Systray.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.Xml.XmlException Stapel: bei System.Xml.XmlTextReaderImpl.Throw(System.Exception) bei System.Xml.XmlTextReaderImpl.ParseDocumentContent() bei System.Xml.XmlTextReaderImpl.Read() bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) bei System.Xml.XmlDocument.Load(System.Xml.XmlReader) bei System.Xml.XmlDocument.Load(System.String) bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile() bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String) bei Avira.OE.WinCore.OeProductInfo.get_Culture() bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings() bei Avira.OE.Systray.Program.Main(System.String[]) Error: (05/02/2015 09:33:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.Xml.XmlException Stapel: bei System.Xml.XmlTextReaderImpl.Throw(System.Exception) bei System.Xml.XmlTextReaderImpl.ParseDocumentContent() bei System.Xml.XmlTextReaderImpl.Read() bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) bei System.Xml.XmlDocument.Load(System.Xml.XmlReader) bei System.Xml.XmlDocument.Load(System.String) bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile() bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String) bei Avira.OE.WinCore.OeProductInfo.get_Culture() bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings() bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture() bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei 
System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (05/02/2015 09:31:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.Xml.XmlException Stapel: bei System.Xml.XmlTextReaderImpl.Throw(System.Exception) bei System.Xml.XmlTextReaderImpl.ParseDocumentContent() bei System.Xml.XmlTextReaderImpl.Read() bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) bei System.Xml.XmlDocument.Load(System.Xml.XmlReader) bei System.Xml.XmlDocument.Load(System.String) bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile() bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String) bei Avira.OE.WinCore.OeProductInfo.get_Culture() bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings() bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture() bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (05/02/2015 09:31:15 PM) (Source: 
EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier2\eventsystem2.cpp38180070005 Error: (05/02/2015 09:31:14 PM) (Source: Avira Service Host) (EventID: 0) (User: ) Description: Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription) bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId) Error: (05/02/2015 09:31:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.Xml.XmlException Stapel: bei System.Xml.XmlTextReaderImpl.Throw(System.Exception) bei System.Xml.XmlTextReaderImpl.ParseDocumentContent() bei System.Xml.XmlTextReaderImpl.Read() bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) bei System.Xml.XmlDocument.Load(System.Xml.XmlReader) bei System.Xml.XmlDocument.Load(System.String) bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile() bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String) bei Avira.OE.WinCore.OeProductInfo.get_Culture() bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings() bei Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture() bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei 
System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (05/02/2015 09:29:41 PM) (Source: VzCdbSvc) (EventID: 7) (User: ) Description: Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5}) (Fehlercode = 0x80042019) Error: (05/02/2015 09:25:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlerhafte Anwendung plugin-container.exe, Version 37.0.2.5583, Zeitstempel 0x552ef76c, fehlerhaftes Modul mozalloc.dll, Version 37.0.2.5583, Zeitstempel 0x552ee9ae, Ausnahmecode 0x80000003, Fehleroffset 0x00001aa1, Prozess-ID 0x14d8, Anwendungsstartzeit plugin-container.exe0. Error: (05/02/2015 11:14:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.Systray.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.Xml.XmlException Stapel: bei System.Xml.XmlTextReaderImpl.Throw(System.Exception) bei System.Xml.XmlTextReaderImpl.ParseDocumentContent() bei System.Xml.XmlTextReaderImpl.Read() bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) bei System.Xml.XmlDocument.Load(System.Xml.XmlReader) bei System.Xml.XmlDocument.Load(System.String) bei Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile() bei Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String) bei Avira.OE.WinCore.OeProductInfo.get_Culture() bei Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings() bei Avira.OE.Systray.Program.Main(System.String[]) Error: (05/02/2015 10:50:32 AM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier2\eventsystem2.cpp38180070005 System errors: ============= Error: (05/02/2015 09:35:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Windows Update Error: (05/02/2015 09:33:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Avira Service Host3 Error: (05/02/2015 09:31:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Avira Service Host2100001Neustart des Diensts Error: (05/02/2015 09:31:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Avira Service Host1100001Neustart des Diensts Error: (05/02/2015 09:30:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: lxeaCATSCustConnectService%%1053 Error: (05/02/2015 09:30:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000lxeaCATSCustConnectService Error: (05/02/2015 09:30:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (05/02/2015 09:30:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: 
AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (05/02/2015 09:29:56 PM) (Source: TermService) (EventID: 1057) (User: ) Description: Fehler beim Erstellen eines neuen selbstsignierten Zertifikats für die Terminalserver-Authentifizierung bei SSL-Verbindungen auf dem Terminalserver. Der betreffende Statuscode war Schlüssel ist im angegebenen Status nicht gültig. . Error: (05/02/2015 09:26:34 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Microsoft Office Sessions: ========================= Error: (05/02/2015 09:26:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 554 seconds with 60 seconds of active time. This session ended with a crash. Error: (01/07/2015 11:09:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2993 seconds with 60 seconds of active time. This session ended with a crash. Error: (01/07/2015 11:09:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2965 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/07/2015 11:09:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2951 seconds with 0 seconds of active time. This session ended with a crash. 
Error: (03/26/2014 10:07:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13351 seconds with 360 seconds of active time. This session ended with a crash. Error: (02/27/2014 06:29:37 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1742 seconds with 0 seconds of active time. This session ended with a crash. Error: (05/02/2013 02:23:23 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 678 seconds with 60 seconds of active time. This session ended with a crash. Error: (12/13/2012 11:26:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 436 seconds with 0 seconds of active time. This session ended with a crash. Error: (07/11/2012 08:17:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 44 seconds with 0 seconds of active time. This session ended with a crash. Error: (06/14/2012 10:14:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 700 seconds with 660 seconds of active time. This session ended with a crash. 
CodeIntegrity Errors: =================================== Date: 2015-04-27 19:02:11.918 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:11.212 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:10.589 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:09.988 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:08.591 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:07.927 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-27 19:02:07.287 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-04-27 19:02:06.589 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-24 19:06:11.038 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-04-24 19:06:10.195 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz Percentage of memory in use: 68% Total physical RAM: 2045.69 MB Available physical RAM: 634.46 MB Total Pagefile: 4334.6 MB Available Pagefile: 2316.81 MB Total Virtual: 2047.88 MB Available Virtual: 1910.73 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:176.24 GB) (Free:91.64 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 186.3 GB) (Disk ID: A8CB6A4C) Partition 1: (Not Active) - (Size=10.1 GB) - (Type=27) Partition 2: (Active) - (Size=176.2 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
03.05.2015, 13:49 | #71 |
/// the machine /// TB trainer | Caught a virus/viruses, e.g. SmartSaver Perfect. Any remaining problems?
__________________ Regards, schrauber |
03.05.2015, 16:08 | #72 |
| Caught a virus/viruses, e.g. SmartSaver Looks good, right? So no real problems any more, only Avira still shows an error message when I start the PC (saying that it is not working properly) - but maybe a reinstall would help there? Although it does run... |
04.05.2015, 11:34 | #73 |
/// the machine /// TB trainer | Caught a virus/viruses, e.g. SmartSaver Yes, go ahead and reinstall it.
__________________ Regards, schrauber |
04.05.2015, 17:55 | #74 |
| Caught a virus/viruses, e.g. SmartSaver OK, thanks again. I hope I can now get by for a while without viruses and graphics card errors ;-). |
05.05.2015, 08:09 | #75 |
/// the machine /// TB trainer | Caught a virus/viruses, e.g. SmartSaver Is Avira running now?
__________________ Regards, schrauber |