Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   PC äußerst langsam - Bootet langsam (https://www.trojaner-board.de/157487-pc-aeusserst-langsam-bootet-langsam.html)

bodyshot174 11.08.2014 18:29
PC äußerst langsam - Bootet langsam
 
Guten Abend,

ich habe seit geraumer Zeit Probleme mit meinem Rechner. Das heißt, dass er arg langsam ist und seit neuestem auch immer wieder mal Internetverbindungen mir verlangsamt vorkommen. Ebenso das Booten benötigt eine gefühlte Ewigkeit. Außerdem funktionieren Spiele nicht mehr so flüssig wie das eigentlich sonst der Fall war.

Vor gut drei Monaten hatte ich mir bereits irgendwas (kann ich leider nicht mehr genau sagen) auf den Rechner geholt, was automatisch ohne mein dazutun weitere Dinge installiert hat. Hier hatte ich dann das Problem, dass alle Browser eine neue Startseite hatten. Daraufhin hatte ich bereits Malwarebytes laufen lassen und alles in die Quarantäne verschoben. So waren bis auf google Crome wieder alle Browser ok. Leider ist das schon eine Weile her, sodass ich dazu keine weiteren Infos liefern kann.

Nachdem mich das nun derart stört hatte ich bereits einen Suchlauf mit AdwCleaner durchgeführt. Die Log Datei füge ich bei. Dadurch ist die Startseite bei Crome nun auch wieder korrekt.

Ich bitte Euch um Hilfe, weil ich selbst nicht genügend Wissen habe um dem Problem Herr zu werden. Weitere Fragen beantworte ich natürlich jederzeit.

GMER:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-11 19:00:35
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP5T0L0-7 SAMSUNG_HD154UI rev.1AG01118 1397,26GB
Running: Gmer-19357.exe; Driver: C:\Users\Marcel\AppData\Local\Temp\pgddipow.sys


---- Kernel code sections - GMER 2.1 ----

.text  C:\Windows\system32\DRIVERS\USBPORT.SYS!DllUnload                                                                                                            fffff8800f228d8c 12 bytes {MOV RAX, 0xfffffa8007e992a0; JMP RAX}

---- User code sections - GMER 2.1 ----

.text  C:\Windows\system32\wininit.exe[708] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                    000000007743ef8d 1 byte [62]
.text  C:\Windows\system32\winlogon.exe[756] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                  000000007743ef8d 1 byte [62]
.text  C:\Windows\system32\services.exe[804] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                  000000007743ef8d 1 byte [62]
.text  C:\Windows\system32\atiesrxx.exe[572] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                  000000007743ef8d 1 byte [62]
.text  C:\Windows\System32\svchost.exe[920] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                    000000007743ef8d 1 byte [62]
.text  C:\Windows\system32\svchost.exe[1044] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                  000000007743ef8d 1 byte [62]
.text  C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1072] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                  000000007587a2fd 1 byte [62]
.text  C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe[1236] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                        000000007587a2fd 1 byte [62]
.text  C:\Windows\system32\svchost.exe[1420] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                  000000007743ef8d 1 byte [62]
.text  C:\Windows\Explorer.EXE[1780] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                          000000007743ef8d 1 byte [62]
.text  C:\Windows\system32\taskhost.exe[1412] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                  000000007743ef8d 1 byte [62]
.text  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[1860] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                  000000007743ef8d 1 byte [62]
.text  C:\Program Files\System\O&O Software\Defrag 15\oodtray.exe[1816] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                        000000007743ef8d 1 byte [62]
.text  C:\Program Files\Logitech Gaming Software\LCore.exe[1912] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                              000000007743ef8d 1 byte [62]
.text  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2100] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                      000000007587a2fd 1 byte [62]
.text  C:\Program Files (x86)\Ralink\Common\RaUI.exe[2176] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                    000000007587a2fd 1 byte [62]
.text  C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe[2264] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                        000000007587a2fd 1 byte [62]
.text  C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe[2384] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                            000000007587a2fd 1 byte [62]
.text  C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe[2392] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                  000000007587a2fd 1 byte [62]
.text  C:\Program Files (x86)\GameTracker\GSInGameService.exe[2616] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                            000000007587a2fd 1 byte [62]
.text  C:\Program Files (x86)\GameTracker\GSInGameService.exe[2616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                          00000000759c1465 2 bytes [9C, 75]
.text  C:\Program Files (x86)\GameTracker\GSInGameService.exe[2616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                        00000000759c14bb 2 bytes [9C, 75]
.text  ...                                                                                                                                                          * 2
.text  C:\Program Files\Internet\Avast5\AvastUI.exe[2628] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                              0000000075858791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text  C:\Program Files\Internet\Avast5\AvastUI.exe[2628] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                      000000007587a2fd 1 byte [62]
.text  C:\Program Files\Internet\Avast5\AvastUI.exe[2628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                    00000000759c1465 2 bytes [9C, 75]
.text  C:\Program Files\Internet\Avast5\AvastUI.exe[2628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                  00000000759c14bb 2 bytes [9C, 75]
.text  ...                                                                                                                                                          * 2
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[2708] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                  000000007587a2fd 1 byte [62]
.text  C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe[2736] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                  000000007587a2fd 1 byte [62]
.text  C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1160] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                  000000007587a2fd 1 byte [62]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                  000000007587a2fd 1 byte [62]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                                      0000000073b11a22 2 bytes [B1, 73]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                                      0000000073b11ad0 2 bytes [B1, 73]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                                      0000000073b11b08 2 bytes [B1, 73]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                                      0000000073b11bba 2 bytes [B1, 73]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                                      0000000073b11bda 2 bytes [B1, 73]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                00000000759c1465 2 bytes [9C, 75]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                              00000000759c14bb 2 bytes [9C, 75]
.text  ...                                                                                                                                                          * 2
.text  C:\Program Files (x86)\Ralink\Common\RaRegistry.exe[2432] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                              000000007587a2fd 1 byte [62]
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                        000000007587a2fd 1 byte [62]
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!DispatchMessageW                                                                              000000007530787b 5 bytes JMP 000000016bd15450
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!DispatchMessageA                                                                              0000000075307bbb 5 bytes JMP 000000016bd15420
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!CreateWindowExW                                                                              0000000075308a29 5 bytes JMP 000000016bd15e30
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!SetWindowPos                                                                                  0000000075308e4e 5 bytes JMP 000000016bd155b0
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!DestroyWindow                                                                                0000000075309a55 5 bytes JMP 000000016bd15580
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!CreateWindowExA                                                                              000000007530d22e 5 bytes JMP 000000016bd15cf0
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                                                  00000000753105ba 5 bytes JMP 000000016bd15770
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!ShowWindow                                                                                    0000000075310dfb 5 bytes JMP 000000016bd15480
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!EndPaint                                                                                      0000000075311341 5 bytes JMP 000000016bd15850
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!BeginPaint                                                                                    0000000075311361 5 bytes JMP 000000016bd157f0
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!UpdateLayeredWindowIndirect                                                                  00000000753128da 5 bytes JMP 000000016bd15c70
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!SetCursor                                                                                    00000000753141f6 5 bytes JMP 000000016bd14f80
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                                                  0000000075315f74 5 bytes JMP 000000016bd15710
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!BringWindowToTop                                                                              0000000075317b3b 5 bytes JMP 000000016bd157d0
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!AnimateWindow                                                                                000000007531b531 5 bytes JMP 000000016bd15620
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!UpdateLayeredWindow                                                                          000000007531ba4a 5 bytes JMP 000000016bd15ba0
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!WindowFromPoint                                                                              000000007532ed12 5 bytes JMP 000000016bd14fa0
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!SetCapture                                                                                    000000007532ed56 5 bytes JMP 000000016bd156f0
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!SetForegroundWindow                                                                          000000007532f170 5 bytes JMP 000000016bd156b0
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\GDI32.dll!BitBlt                                                                                        0000000075265ea6 5 bytes JMP 000000016bd14fd0
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                                                                      00000000759c1465 2 bytes [9C, 75]
.text  C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                                                                    00000000759c14bb 2 bytes [9C, 75]
.text  ...                                                                                                                                                          * 2
.text  C:\Program Files (x86)\iZ3D Driver\Win64\S3DCService.exe[3444] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                          000000007743ef8d 1 byte [62]
.text  C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe[3992] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                      000000007587a2fd 1 byte [62]
.text  C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe[4092] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                          000000007587a2fd 1 byte [62]
.text  C:\PROGRA~2\Raptr\raptr_im.exe[4116] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                    000000007587a2fd 1 byte [62]
.text  C:\PROGRA~2\Raptr\raptr_im.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                  00000000759c1465 2 bytes [9C, 75]
.text  C:\PROGRA~2\Raptr\raptr_im.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                00000000759c14bb 2 bytes [9C, 75]
.text  ...                                                                                                                                                          * 2
.text  C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe[4624] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112  000000007587a2fd 1 byte [62]
.text  C:\Program Files (x86)\Nero\Update\NASvc.exe[4052] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                      000000007587a2fd 1 byte [62]
.text  C:\Windows\system32\svchost.exe[2232] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                  000000007743ef8d 1 byte [62]
.text  C:\Users\Marcel\Desktop\Gmer-19357.exe[3896] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                            000000007587a2fd 1 byte [62]

---- Devices - GMER 2.1 ----

Device  \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-6                                                                                                                  fffffa80070542c0
Device  \Driver\atapi \Device\Ide\IdePort4                                                                                                                            fffffa80070542c0
Device  \Driver\atapi \Device\Ide\IdePort0                                                                                                                            fffffa80070542c0
Device  \Driver\atapi \Device\Ide\IdeDeviceP5T0L0-7                                                                                                                  fffffa80070542c0
Device  \Driver\atapi \Device\Ide\IdePort5                                                                                                                            fffffa80070542c0
Device  \Driver\atapi \Device\Ide\IdePort1                                                                                                                            fffffa80070542c0
Device  \Driver\atapi \Device\Ide\IdePort2                                                                                                                            fffffa80070542c0
Device  \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1                                                                                                                  fffffa80070542c0
Device  \Driver\atapi \Device\Ide\IdePort3                                                                                                                            fffffa80070542c0
Device  \Driver\aa14zslc \Device\Scsi\aa14zslc1Port6Path0Target0Lun0                                                                                                  fffffa8007f2c2c0
Device  \Driver\aa14zslc \Device\Scsi\aa14zslc1                                                                                                                      fffffa8007f2c2c0
Device  \FileSystem\Ntfs \Ntfs                                                                                                                                        fffffa800705a2c0
Device  \Driver\usbehci \Device\USBFDO-7                                                                                                                              fffffa8007ee02c0
Device  \Driver\usbuhci \Device\USBPDO-5                                                                                                                              fffffa8007ec02c0
Device  \Driver\usbehci \Device\USBFDO-3                                                                                                                              fffffa8007ee02c0
Device  \Driver\usbuhci \Device\USBPDO-1                                                                                                                              fffffa8007ec02c0
Device  \Driver\USBSTOR \Device\0000009a                                                                                                                              fffffa8008c0f2c0
Device  \Driver\cdrom \Device\CdRom0                                                                                                                                  fffffa8007c3f2c0
Device  \Driver\dtsoftbus01 \Device\00000080                                                                                                                          fffffa8007b912c0
Device  \Driver\cdrom \Device\CdRom1                                                                                                                                  fffffa8007c3f2c0
Device  \Driver\cdrom \Device\CdRom2                                                                                                                                  fffffa8007c3f2c0
Device  \Driver\usbuhci \Device\USBPDO-6                                                                                                                              fffffa8007ec02c0
Device  \Driver\usbuhci \Device\USBFDO-4                                                                                                                              fffffa8007ec02c0
Device  \Driver\USBSTOR \Device\0000009b                                                                                                                              fffffa8008c0f2c0
Device  \Driver\usbuhci \Device\USBFDO-0                                                                                                                              fffffa8007ec02c0
Device  \Driver\usbuhci \Device\USBPDO-2                                                                                                                              fffffa8007ec02c0
Device  \Driver\dtsoftbus01 \Device\DTSoftBusCtl                                                                                                                      fffffa8007b912c0
Device  \Driver\NetBT \Device\NetBT_Tcpip_{3A19D8A8-6D80-450C-A4F4-1B198B0C2248}                                                                                      fffffa8007d612c0
Device  \Driver\usbehci \Device\USBPDO-7                                                                                                                              fffffa8007ee02c0
Device  \Driver\usbuhci \Device\USBFDO-5                                                                                                                              fffffa8007ec02c0
Device  \Driver\usbehci \Device\USBPDO-3                                                                                                                              fffffa8007ee02c0
Device  \Driver\usbuhci \Device\USBFDO-1                                                                                                                              fffffa8007ec02c0
Device  \Driver\USBSTOR \Device\00000096                                                                                                                              fffffa8008c0f2c0
Device  \Driver\NetBT \Device\NetBT_Tcpip_{04E93810-C241-4A50-B31A-9732613B6D55}                                                                                      fffffa8007d612c0
Device  \Driver\NetBT \Device\NetBt_Wins_Export                                                                                                                      fffffa8007d612c0
Device  \Driver\usbuhci \Device\USBFDO-6                                                                                                                              fffffa8007ec02c0
Device  \Driver\usbuhci \Device\USBPDO-4                                                                                                                              fffffa8007ec02c0
Device  \Driver\atapi \Device\ScsiPort0                                                                                                                              fffffa80070542c0
Device  \Driver\usbuhci \Device\USBFDO-2                                                                                                                              fffffa8007ec02c0
Device  \Driver\NetBT \Device\NetBT_Tcpip_{8B2CDE5C-EF15-44F2-A3BB-9A91EAA6AC72}                                                                                      fffffa8007d612c0
Device  \Driver\usbuhci \Device\USBPDO-0                                                                                                                              fffffa8007ec02c0
Device  \Driver\atapi \Device\ScsiPort1                                                                                                                              fffffa80070542c0
Device  \Driver\atapi \Device\ScsiPort2                                                                                                                              fffffa80070542c0
Device  \Driver\USBSTOR \Device\00000093                                                                                                                              fffffa8008c0f2c0
Device  \Driver\atapi \Device\ScsiPort3                                                                                                                              fffffa80070542c0
Device  \Driver\atapi \Device\ScsiPort4                                                                                                                              fffffa80070542c0
Device  \Driver\atapi \Device\ScsiPort5                                                                                                                              fffffa80070542c0
Device  \Driver\aa14zslc \Device\ScsiPort6                                                                                                                            fffffa8007f2c2c0

---- Trace I/O - GMER 2.1 ----

Trace  ntoskrnl.exe CLASSPNP.SYS disk.sys Sahdad64.sys ACPI.sys >>UNKNOWN [0xfffffa80070542c0]<< sptd.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys      fffffa80070542c0
Trace  1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800781f060]                                                                                              fffffa800781f060
Trace  3 CLASSPNP.SYS[fffff88001b2243f] -> nt!IofCallDriver -> [0xfffffa8007688a20]                                                                                  fffffa8007688a20
Trace  5 Sahdad64.sys[fffff88001aade25] -> nt!IofCallDriver -> [0xfffffa800751d580]                                                                                  fffffa800751d580
Trace  7 ACPI.sys[fffff880011977a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-7[0xfffffa8007521060]                                                        fffffa8007521060
Trace  \Driver\atapi[0xfffffa80074fc8e0] -> IRP_MJ_CREATE -> 0xfffffa80070542c0                                                                                      fffffa80070542c0

---- Modules - GMER 2.1 ----

Module  \SystemRoot\System32\Drivers\aa14zslc.SYS (USB Mass Storage Class Driver/Microsoft Corporation SIGNED)(2011-04-29 20:29:52)                                  fffff88007911000-fffff88007962000 (331776 bytes)

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                                             
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                                          C:\Program Files (x86)\DAEMON Tools Pro\
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                                          0x00 0x00 0x00 0x00 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                          0
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                                        0xCF 0x48 0x28 0xA6 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                                                                   
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                                  0xA0 0x02 0x00 0x00 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                                              0x2E 0xEA 0xBF 0x12 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                                                               
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                                          0xAB 0x85 0xB4 0xFA ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                                         
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                                              C:\Program Files (x86)\DAEMON Tools Pro\
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                                              0x00 0x00 0x00 0x00 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                              0
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                                            0xCF 0x48 0x28 0xA6 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                                               
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                                      0xA0 0x02 0x00 0x00 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                                                  0x2E 0xEA 0xBF 0x12 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                                           
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                                              0xAB 0x85 0xB4 0xFA ...

---- EOF - GMER 2.1 ----
FRST:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by Marcel (administrator) on HOME on 11-08-2014 18:36:09
Running from C:\Users\Marcel\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Internet\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(O&O Software GmbH) C:\Program Files\System\O&O Software\Defrag 15\oodtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
(AVAST Software) C:\Program Files\Internet\Avast5\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(O&O Software GmbH) C:\Program Files\System\O&O Software\DriveLED\oodlag.exe
(O&O Software GmbH) C:\Program Files\System\O&O Software\Defrag 15\oodag.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(iZ3D Inc.) C:\Program Files (x86)\iZ3D Driver\Win64\S3DCService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(iZ3D Inc.) C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(CyberLink Corp.) C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Internet\Mozilla Firefox 3\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [OODefragTray] => C:\Program Files\System\O&O Software\Defrag 15\oodtray.exe [3998064 2012-06-06] (O&O Software GmbH)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Internet\Avast5\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\Run: [Wondershare Helper Compact.exe] => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe"
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-07-30] (Raptr, Inc)
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: G - G:\AutoRunCD.exe
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: H - H:\autorun.exe
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: K - K:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: {089e7035-ff5d-11de-a98e-001d7da641eb} - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: {089e703c-ff5d-11de-a98e-001d7da641eb} - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: {5c06a8ec-4219-11df-824d-001d7da641eb} - F:\pushinst.exe
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: {ea1c07d2-c6f6-11e2-92ad-001d7da641eb} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: {ed7af490-5425-11e3-b9d2-001d7da641eb} - K:\HTC_Sync_Manager_PC.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Internet\Avast5\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * OODBS
GroupPolicyUsers\S-1-5-21-2598369041-3088188982-4083831754-1004\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1B8194EA3F99CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Internet\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Internet\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - T1 - {4180A6C9-26D0-4A15-A2CD-A24E3178E386} - C:\Program Files (x86)\System\Langenscheidt T1 6.0\Engine\Langenscheidt T1 6_0\mte\StdAlone\T1IE.dll (Comprendium Lingua GmbH.)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default
FF DefaultSearchEngine: Microsoft (Bing)
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://www.bing.com/search
FF NetworkProxy: "backup.ftp", "hxxp://americanproxie.info/"
FF NetworkProxy: "backup.ftp_port", 9666
FF NetworkProxy: "backup.socks", "hxxp://americanproxie.info/"
FF NetworkProxy: "backup.socks_port", 9666
FF NetworkProxy: "backup.ssl", "hxxp://americanproxie.info/"
FF NetworkProxy: "backup.ssl_port", 9666
FF NetworkProxy: "ftp", "hxxp://americanproxie.info/"
FF NetworkProxy: "ftp_port", 66
FF NetworkProxy: "http", "hxxp://americanproxie.info/"
FF NetworkProxy: "http_port", 66
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "hxxp://americanproxie.info/"
FF NetworkProxy: "socks_port", 66
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "hxxp://americanproxie.info/"
FF NetworkProxy: "ssl_port", 66
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\Medien\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Treiber\Canon Pixma MX870\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\Medien\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Foto+Video\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Marcel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Marcel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Marcel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marcel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\Marcel\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF SearchPlugin: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default\searchplugins\bing-avast.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default\Extensions\ich@maltegoetz.de [2012-12-18]
FF Extension: Stylish - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2011-05-06]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-05-31]
FF HKLM-x32\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Marcel\AppData\Roaming\14001.006
FF Extension: Java Link Helper - C:\Users\Marcel\AppData\Roaming\14001.006 [2012-07-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Internet\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Internet\Avast5\WebRep\FF [2011-04-15]
FF HKCU\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Marcel\AppData\Roaming\14001.006
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Marcel\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Marcel\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Marcel\AppData\Local\Google\Chrome\Application\36.0.1985.125\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin7.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Foto+Video\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\Medien\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Treiber\Canon Pixma MX870\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Unity Player) - C:\Users\Marcel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Marcel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Extension: (YouTube) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (ProxyTube) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnmbofoofebojccpdnfhnegmiifdgpfg [2012-01-07]
CHR Extension: (Google-Suche) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (Google Wallet) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-12]
CHR Extension: (Google Mail) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Internet\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-08-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457200 2009-06-02] ()
R2 avast! Antivirus; C:\Program Files\Internet\Avast5\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
S4 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [39408 2010-09-13] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336 2012-03-14] (CyberLink Corp.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-12-03] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-12-03] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-05-20] (Creative Technology Ltd) [File not signed]
S4 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048 2012-03-14] (CyberLink)
S4 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232 2012-03-14] (CyberLink)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-02] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed]
R2 O&O DriveLED; C:\Program Files\System\O&O Software\DriveLED\oodlag.exe [610048 2009-09-28] (O&O Software GmbH)
R2 OODefragAgent; C:\Program Files\System\O&O Software\Defrag 15\oodag.exe [3293552 2012-06-06] (O&O Software GmbH)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-09] ()
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [619872 2010-12-31] ()
S3 RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [1099248 2010-07-16] (Sonic Solutions)
R2 S3D Service (Win32); C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe [360960 2010-03-18] (iZ3D Inc.) [File not signed]
R2 S3D Service (Win64); C:\Program Files (x86)\iZ3D Driver\Win64\S3DCService.exe [614400 2010-03-18] (iZ3D Inc.) [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [615936 2010-06-14] (Nokia) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ASAPIW2K; C:\Windows\SysWOW64\drivers\Asapiw2k.sys [11264 2002-04-17] (VOB Computersysteme GmbH) [File not signed]
S3 asusgsb; C:\Windows\System32\drivers\asusgsb.sys [17792 2009-02-17] (ASUSTeK Computer Inc.) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-01] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-03-04] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
S3 bfturboh; C:\Windows\SysWOW64\drivers\bfturboh.sys [17152 2008-02-12] (BUFFALO INC.) [File not signed]
S0 CLBStor; C:\Windows\SysWow64\Drivers\CLBStor.sys [10368 2008-10-20] (Cyberlink Co.,Ltd.) [File not signed]
S2 CLBUDFR; C:\Windows\SysWow64\Drivers\CLBUDFR.sys [154368 2008-10-20] (CyberLink Corporation.) [File not signed]
R2 cpuz133; C:\Windows\system32\drivers\cpuz133_x64.sys [20456 2010-03-10] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-12-11] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
R3 GEARAspiWDM; C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys [13872 2004-06-11] (GEAR Software Inc.)
R1 iZ3DInjectionDriver; C:\Program Files (x86)\iZ3D Driver\Win64\S3DInjectionDriver.sys [43704 2009-05-27] ()
S3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [44272 2013-01-17] (Logitech Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-03-04] ()
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 MODEMCSA; C:\Windows\system32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [82928 2011-10-27] (Cyberlink Corp.)
R0 OODrvled; C:\Windows\System32\DRIVERS\OODrvled.sys [30216 2009-09-28] (O&O Software GmbH)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1627520 2009-06-10] (NXP Semiconductors)
R3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [129024 2008-01-21] (Saitek)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [16000 2008-02-18] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [41216 2008-02-18] (Saitek)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2013-12-11] (Duplex Secure Ltd.)
R0 tclondrv; C:\Windows\System32\DRIVERS\tclondrv.sys [26856 2012-02-24] (TuneClone Software)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [File not signed]
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [993280 2007-07-20] (C-Media Inc)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Common\NavFilter\000.fcl [146928 2012-02-16] (CyberLink Corp.)
U3 aa14zslc; C:\Windows\System32\Drivers\aa14zslc.sys [0 ] (Microsoft Corporation)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 AndNetGps; system32\DRIVERS\lgandnetgps64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 ATICDSDr; \??\C:\Users\Marcel\AppData\Local\Temp\ATICDSDr.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S1 EIO64; system32\DRIVERS\EIO64.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 nmwcdcx64; system32\drivers\ccdcmbox64.sys [X]
S3 nmwcdx64; system32\drivers\ccdcmbx64.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x64\Sandra.sys [X]
S3 smserial; system32\DRIVERS\smserial.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltx64j.sys [X]
S3 zlportio; \??\G:\Software\Audio - Bearbeitung\Ultrastar\Ultrastar-Deluxe-100\zlportio.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 18:36 - 2014-08-11 18:37 - 00033653 _____ () C:\Users\Marcel\Desktop\FRST.txt
2014-08-11 18:35 - 2014-08-11 18:36 - 00000000 ____D () C:\FRST
2014-08-11 18:35 - 2014-08-11 18:35 - 00023528 _____ () C:\Users\Marcel\Desktop\AdwCleaner[S0].txt
2014-08-11 18:34 - 2014-08-11 18:34 - 02099712 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe
2014-08-11 18:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-11 18:03 - 2014-08-11 18:17 - 00000000 ____D () C:\AdwCleaner
2014-08-11 18:02 - 2014-08-11 18:02 - 01366203 _____ () C:\Users\Marcel\Downloads\adwcleaner_3.304.exe
2014-08-11 15:53 - 2014-08-11 15:53 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Marcel\Downloads\GPU-Z.0.7.8.exe
2014-08-11 15:35 - 2014-08-11 15:35 - 00000000 ____D () C:\ProgramData\ATI
2014-08-11 15:34 - 2014-08-11 15:34 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-08-11 15:34 - 2014-08-11 15:34 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\library_dir
2014-08-11 15:30 - 2014-08-11 18:23 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Raptr
2014-08-11 15:30 - 2014-08-11 15:34 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-11 15:30 - 2014-08-11 15:30 - 00056272 _____ () C:\Windows\SysWOW64\CCCInstall_201408111530280893.log
2014-08-11 15:30 - 2014-08-11 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-11 15:30 - 2014-08-11 15:30 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-11 15:25 - 2014-08-11 15:25 - 00000000 ____D () C:\Program Files\AMD
2014-08-11 15:21 - 2014-08-11 15:21 - 00000000 ____D () C:\AMD
2014-08-11 15:18 - 2014-08-11 15:20 - 00000000 ____D () C:\Users\Marcel\Desktop\Unsortiert
2014-08-11 01:01 - 2014-08-11 01:19 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\GameTracker
2014-08-11 01:01 - 2014-08-11 01:01 - 00001026 _____ () C:\Users\Marcel\Desktop\GameTracker Lite.lnk
2014-08-11 01:01 - 2014-08-11 01:01 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite
2014-08-11 01:01 - 2014-08-11 01:01 - 00000000 ____D () C:\Program Files (x86)\GameTracker
2014-08-09 11:55 - 2014-08-09 11:55 - 00000529 _____ () C:\Users\Marcel\Desktop\Origin.lnk
2014-08-09 02:28 - 2014-08-09 02:28 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-07 17:46 - 2014-08-07 17:46 - 00001364 _____ () C:\Users\Marcel\Desktop\Steam.lnk
2014-08-05 20:25 - 2014-08-11 15:03 - 00003138 _____ () C:\Users\Marcel\Desktop\steam.txt
2014-08-05 20:25 - 2011-12-03 10:58 - 00002078 _____ () C:\Users\Marcel\Desktop\steam (2).txt
2014-08-02 18:35 - 2014-08-02 18:35 - 00007177 _____ () C:\Users\Marcel\AppData\Local\recently-used.xbel
2014-08-02 17:24 - 2014-08-02 18:32 - 00000000 ____D () C:\Users\Marcel\AppData\Local\gtk-2.0
2014-08-02 17:24 - 2014-08-02 17:24 - 00000000 ____D () C:\Users\Marcel\.thumbnails
2014-08-02 17:19 - 2014-08-02 18:35 - 00000000 ____D () C:\Users\Marcel\.gimp-2.8
2014-08-02 17:19 - 2014-08-02 17:28 - 00000892 _____ () C:\Users\Marcel\Desktop\GIMP 2.lnk
2014-08-02 17:19 - 2014-08-02 17:19 - 00000000 ____D () C:\Users\Marcel\AppData\Local\gegl-0.2
2014-08-02 17:18 - 2014-08-02 17:18 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-08-02 17:17 - 2014-08-02 17:18 - 00000000 ____D () C:\Program Files\GIMP 2
2014-08-02 12:11 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 12:11 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 12:11 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 12:11 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 12:11 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 12:11 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 12:11 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 12:11 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 12:10 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 12:10 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 12:10 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 12:10 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 12:10 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 12:10 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-01 23:31 - 2014-08-01 23:31 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-01 23:31 - 2014-08-01 23:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-01 23:31 - 2014-08-01 23:31 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-31 15:35 - 2014-07-31 15:35 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Skype
2014-07-31 15:35 - 2014-07-31 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-31 00:48 - 2014-07-31 00:50 - 00004096 _____ () C:\Users\Public\Documents\0000549F.LCS
2014-07-31 00:48 - 2014-07-31 00:48 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\ProtectDISC
2014-07-31 00:42 - 2014-07-31 00:42 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-31 00:40 - 2014-07-31 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadriga Games
2014-07-31 00:17 - 2014-07-31 00:17 - 00000000 ____D () C:\Program Files (x86)\Quadriga Games
2014-07-30 11:04 - 2014-07-31 12:23 - 00000000 ____D () C:\Users\Marcel\Desktop\Wohnungen
2014-07-29 13:37 - 2014-07-29 13:39 - 00000000 ____D () C:\Users\Marcel\Desktop\Anwalt Albert
2014-07-28 15:05 - 2014-08-02 16:59 - 00000000 ____D () C:\Users\Marcel\Documents\FUSSBALL MANAGER 14
2014-07-28 15:04 - 2014-07-28 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 14
2014-07-28 12:15 - 2014-07-28 12:39 - 00000000 ____D () C:\Users\Marcel\Downloads\Der_Koenig_Der_Loewen_(Musical_Soundtrack)-FLAC-DE-2002-LiONKiNG
2014-07-22 14:55 - 2014-07-22 14:57 - 17034857 _____ () C:\Users\Marcel\Downloads\Gmail (1).zip
2014-07-12 17:18 - 2014-07-12 17:19 - 15253171 _____ () C:\Users\Marcel\Downloads\Gmail.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 18:37 - 2014-08-11 18:36 - 00033653 _____ () C:\Users\Marcel\Desktop\FRST.txt
2014-08-11 18:36 - 2014-08-11 18:35 - 00000000 ____D () C:\FRST
2014-08-11 18:35 - 2014-08-11 18:35 - 00023528 _____ () C:\Users\Marcel\Desktop\AdwCleaner[S0].txt
2014-08-11 18:34 - 2014-08-11 18:34 - 02099712 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe
2014-08-11 18:30 - 2009-07-14 06:45 - 00021632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-11 18:30 - 2009-07-14 06:45 - 00021632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-11 18:29 - 2012-08-17 11:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-11 18:27 - 2010-01-09 00:23 - 02080226 _____ () C:\Windows\WindowsUpdate.log
2014-08-11 18:23 - 2014-08-11 15:30 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Raptr
2014-08-11 18:22 - 2013-05-28 18:53 - 00000000 ____D () C:\Users\Marcel\AppData\Local\HTC MediaHub
2014-08-11 18:22 - 2011-04-12 23:42 - 00000432 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-11 18:21 - 2012-07-22 14:09 - 00004172 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-11 18:20 - 2011-03-22 00:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-11 18:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-11 18:19 - 2011-12-14 07:12 - 00174145 _____ () C:\Windows\setupact.log
2014-08-11 18:18 - 2010-01-09 18:51 - 03781145 _____ () C:\Windows\system32\oodbs.lor
2014-08-11 18:18 - 2010-01-09 04:57 - 00689016 _____ () C:\Windows\PFRO.log
2014-08-11 18:17 - 2014-08-11 18:03 - 00000000 ____D () C:\AdwCleaner
2014-08-11 18:17 - 2014-07-07 16:29 - 00000866 _____ () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-11 18:17 - 2011-03-20 14:34 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-11 18:17 - 2010-01-12 15:44 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet
2014-08-11 18:17 - 2010-01-09 00:30 - 00000963 _____ () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-11 18:03 - 2011-03-20 14:33 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001UA.job
2014-08-11 18:02 - 2014-08-11 18:02 - 01366203 _____ () C:\Users\Marcel\Downloads\adwcleaner_3.304.exe
2014-08-11 17:56 - 2011-03-22 00:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-11 17:54 - 2011-10-13 20:35 - 00001142 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001UA.job
2014-08-11 17:54 - 2010-01-14 21:59 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{75A9082D-E348-420E-B526-BD3D396163AB}
2014-08-11 17:13 - 2011-02-24 14:53 - 00000000 ____D () C:\Users\Marcel\Downloads\Software
2014-08-11 16:03 - 2011-04-28 06:58 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001Core1cc0560e24762f0.job
2014-08-11 15:53 - 2014-08-11 15:53 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Marcel\Downloads\GPU-Z.0.7.8.exe
2014-08-11 15:35 - 2014-08-11 15:35 - 00000000 ____D () C:\ProgramData\ATI
2014-08-11 15:34 - 2014-08-11 15:34 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-08-11 15:34 - 2014-08-11 15:34 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\library_dir
2014-08-11 15:34 - 2014-08-11 15:30 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-11 15:30 - 2014-08-11 15:30 - 00056272 _____ () C:\Windows\SysWOW64\CCCInstall_201408111530280893.log
2014-08-11 15:30 - 2014-08-11 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-11 15:30 - 2014-08-11 15:30 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-11 15:30 - 2012-05-07 07:09 - 00000000 ____D () C:\ProgramData\AMD
2014-08-11 15:29 - 2011-12-13 23:30 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-11 15:25 - 2014-08-11 15:25 - 00000000 ____D () C:\Program Files\AMD
2014-08-11 15:23 - 2013-01-08 15:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-11 15:21 - 2014-08-11 15:21 - 00000000 ____D () C:\AMD
2014-08-11 15:21 - 2010-12-12 01:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-11 15:20 - 2014-08-11 15:18 - 00000000 ____D () C:\Users\Marcel\Desktop\Unsortiert
2014-08-11 15:20 - 2011-03-01 01:02 - 00000000 ___RD () C:\Users\Marcel\Desktop\Games
2014-08-11 15:03 - 2014-08-05 20:25 - 00003138 _____ () C:\Users\Marcel\Desktop\steam.txt
2014-08-11 14:35 - 2011-11-26 22:57 - 00000000 ____D () C:\ProgramData\Origin
2014-08-11 01:19 - 2014-08-11 01:01 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\GameTracker
2014-08-11 01:01 - 2014-08-11 01:01 - 00001026 _____ () C:\Users\Marcel\Desktop\GameTracker Lite.lnk
2014-08-11 01:01 - 2014-08-11 01:01 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite
2014-08-11 01:01 - 2014-08-11 01:01 - 00000000 ____D () C:\Program Files (x86)\GameTracker
2014-08-10 23:46 - 2011-10-13 20:35 - 00001120 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001Core.job
2014-08-10 21:44 - 2010-01-09 13:01 - 00570014 _____ () C:\Windows\DirectX.log
2014-08-10 21:35 - 2011-03-02 05:02 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Skype
2014-08-10 15:24 - 2010-04-09 17:43 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-10 13:39 - 2011-11-29 22:21 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-10 13:39 - 2011-11-27 13:37 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-10 13:33 - 2010-01-16 17:28 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-09 12:33 - 2013-11-18 01:36 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-08-09 12:05 - 2011-03-16 18:57 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc
2014-08-09 11:55 - 2014-08-09 11:55 - 00000529 _____ () C:\Users\Marcel\Desktop\Origin.lnk
2014-08-09 02:42 - 2011-11-29 22:21 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-09 02:28 - 2014-08-09 02:28 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-09 02:22 - 2011-04-14 00:50 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Xfire
2014-08-09 02:21 - 2011-04-14 00:50 - 00000000 ____D () C:\ProgramData\Xfire
2014-08-09 02:14 - 2010-01-13 14:39 - 00000000 ____D () C:\Program Files (x86)\Büro
2014-08-07 23:28 - 2011-11-15 17:59 - 00000007 _____ () C:\Users\Marcel\Documents\mt-x_hook.txt
2014-08-07 23:28 - 2010-11-23 13:06 - 00000007 _____ () C:\Users\Marcel\Documents\mt-e_hook.txt
2014-08-07 17:46 - 2014-08-07 17:46 - 00001364 _____ () C:\Users\Marcel\Desktop\Steam.lnk
2014-08-06 12:04 - 2013-11-04 22:17 - 00000000 ____D () C:\Users\Marcel\Documents\Schriftverkehr
2014-08-06 11:29 - 2014-07-07 16:59 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-05 23:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-04 23:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-02 18:35 - 2014-08-02 18:35 - 00007177 _____ () C:\Users\Marcel\AppData\Local\recently-used.xbel
2014-08-02 18:35 - 2014-08-02 17:19 - 00000000 ____D () C:\Users\Marcel\.gimp-2.8
2014-08-02 18:32 - 2014-08-02 17:24 - 00000000 ____D () C:\Users\Marcel\AppData\Local\gtk-2.0
2014-08-02 17:28 - 2014-08-02 17:19 - 00000892 _____ () C:\Users\Marcel\Desktop\GIMP 2.lnk
2014-08-02 17:24 - 2014-08-02 17:24 - 00000000 ____D () C:\Users\Marcel\.thumbnails
2014-08-02 17:24 - 2010-01-09 00:29 - 00000000 ____D () C:\Users\Marcel
2014-08-02 17:19 - 2014-08-02 17:19 - 00000000 ____D () C:\Users\Marcel\AppData\Local\gegl-0.2
2014-08-02 17:18 - 2014-08-02 17:18 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-08-02 17:18 - 2014-08-02 17:17 - 00000000 ____D () C:\Program Files\GIMP 2
2014-08-02 16:59 - 2014-07-28 15:05 - 00000000 ____D () C:\Users\Marcel\Documents\FUSSBALL MANAGER 14
2014-08-02 15:06 - 2013-08-01 12:09 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-01 23:31 - 2014-08-01 23:31 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-01 23:31 - 2014-08-01 23:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-01 23:31 - 2014-08-01 23:31 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-01 23:31 - 2013-10-13 11:25 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-01 23:31 - 2013-10-13 11:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-01 23:31 - 2012-03-27 21:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-01 23:31 - 2011-04-15 15:21 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-01 23:31 - 2011-01-16 16:01 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-01 23:31 - 2010-12-18 13:30 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-01 23:31 - 2010-12-18 13:30 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-31 15:36 - 2011-03-02 05:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-31 15:35 - 2014-07-31 15:35 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Skype
2014-07-31 15:35 - 2014-07-31 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-31 15:35 - 2011-03-02 05:02 - 00000000 ____D () C:\ProgramData\Skype
2014-07-31 12:23 - 2014-07-30 11:04 - 00000000 ____D () C:\Users\Marcel\Desktop\Wohnungen
2014-07-31 00:50 - 2014-07-31 00:48 - 00004096 _____ () C:\Users\Public\Documents\0000549F.LCS
2014-07-31 00:48 - 2014-07-31 00:48 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\ProtectDISC
2014-07-31 00:42 - 2014-07-31 00:42 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-31 00:40 - 2014-07-31 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadriga Games
2014-07-31 00:40 - 2012-12-22 14:08 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Quadriga Games
2014-07-31 00:17 - 2014-07-31 00:17 - 00000000 ____D () C:\Program Files (x86)\Quadriga Games
2014-07-29 13:39 - 2014-07-29 13:37 - 00000000 ____D () C:\Users\Marcel\Desktop\Anwalt Albert
2014-07-28 15:04 - 2014-07-28 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 14
2014-07-28 15:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-28 14:48 - 2011-11-26 22:57 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Origin
2014-07-28 12:39 - 2014-07-28 12:15 - 00000000 ____D () C:\Users\Marcel\Downloads\Der_Koenig_Der_Loewen_(Musical_Soundtrack)-FLAC-DE-2002-LiONKiNG
2014-07-28 12:39 - 2011-03-16 20:16 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\foobar2000
2014-07-28 12:31 - 2012-06-22 10:05 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Audacity
2014-07-25 11:49 - 2013-01-06 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 11:42 - 2013-01-06 20:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 11:42 - 2013-01-06 20:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-22 14:57 - 2014-07-22 14:55 - 17034857 _____ () C:\Users\Marcel\Downloads\Gmail (1).zip
2014-07-17 16:51 - 2009-07-14 19:58 - 00713410 _____ () C:\Windows\system32\perfh007.dat
2014-07-17 16:51 - 2009-07-14 19:58 - 00155346 _____ () C:\Windows\system32\perfc007.dat
2014-07-17 16:51 - 2009-07-14 07:13 - 01658092 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-12 17:19 - 2014-07-12 17:18 - 15253171 _____ () C:\Users\Marcel\Downloads\Gmail.zip
2014-07-12 14:09 - 2014-01-22 13:54 - 00000000 ____D () C:\Users\Marcel\Desktop\Mr. Nuffels

Files to move or delete:
====================
C:\Users\Public\dcmsvcsetup.exe
C:\Users\Public\invokesi.exe


Some content of TEMP:
====================
C:\Users\Marcel\AppData\Local\Temp\1305nua.exe
C:\Users\Marcel\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-64-dd-ccc-whql.exe
C:\Users\Marcel\AppData\Local\Temp\Caramava_bs.exe
C:\Users\Marcel\AppData\Local\Temp\cmd.dll
C:\Users\Marcel\AppData\Local\Temp\Crysis_Patch_1_2_launcher.exe
C:\Users\Marcel\AppData\Local\Temp\GUR24ED.exe
C:\Users\Marcel\AppData\Local\Temp\GURE56E.exe
C:\Users\Marcel\AppData\Local\Temp\GURF739.exe
C:\Users\Marcel\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Marcel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Marcel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Marcel\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Marcel\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Marcel\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Marcel\AppData\Local\Temp\MSNC9E2.exe
C:\Users\Marcel\AppData\Local\Temp\NEventMessages.dll
C:\Users\Marcel\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Marcel\AppData\Local\Temp\OutlookConnector.exe
C:\Users\Marcel\AppData\Local\Temp\PicasaUpdater_528a.exe
C:\Users\Marcel\AppData\Local\Temp\Quarantine.exe
C:\Users\Marcel\AppData\Local\Temp\raptrpatch.exe
C:\Users\Marcel\AppData\Local\Temp\raptr_stub.exe
C:\Users\Marcel\AppData\Local\Temp\rootsupd.exe
C:\Users\Marcel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marcel\AppData\Local\Temp\sonarinst.exe
C:\Users\Marcel\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Marcel\AppData\Local\Temp\tmp43A8.exe
C:\Users\Marcel\AppData\Local\Temp\tmp87F3.exe
C:\Users\Marcel\AppData\Local\Temp\tmp9981.exe
C:\Users\Marcel\AppData\Local\Temp\tmpA38F.exe
C:\Users\Marcel\AppData\Local\Temp\tmpC792.exe
C:\Users\Marcel\AppData\Local\Temp\tmpF797.exe
C:\Users\Marcel\AppData\Local\Temp\unrar.dll
C:\Users\Marcel\AppData\Local\Temp\wmfdist.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-07 19:48

==================== End Of Log ============================


Das war erstmal alles was ich an Logs habe. Die Logdatein vom AdwCleaner und die Addition musste ich leider aufgrund der Zeichenzahl anhängen.

Bereits im Voraus vielen Dank für Eure Hilfe!

Freundliche Grüße


Marcel

schrauber 11.08.2014 19:30
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

bodyshot174 11.08.2014 21:21
Ok, sorry. Gesagt getan:

AdwCleaner:

Code:
# AdwCleaner v3.304 - Bericht erstellt am 11/08/2014 um 18:11:20
# Aktualisiert 08/08/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Marcel - HOME
# Gestartet von : C:\Users\Marcel\Downloads\adwcleaner_3.304.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\pc speed up
Ordner Gelöscht : C:\Windows\FoxTab
Ordner Gelöscht : C:\Program Files\V-bates
Ordner Gelöscht : C:\Users\Marcel\AppData\Local\eSupport.com
Ordner Gelöscht : C:\Users\Marcel\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Marcel\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Marcel\AppData\Local\Temp\FoxTab
Ordner Gelöscht : C:\Users\Marcel\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Marcel\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Marcel\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Marcel\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default\Conduit
Ordner Gelöscht : C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default\FoxTab

***** [ Tasks ] *****

Task Gelöscht : FF Watcher {72F10F3B-CC06-4314-84E6-8FEA3B2AD99F}

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet\Mozilla Firefox\Mozilla Firefox (Abgesicherter Modus).lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet\Mozilla Firefox\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\DeInstalls\Internet\Mozilla Firefox\Mozilla Firefox (Abgesicherter Modus).lnk
Verknüpfung Desinfiziert : C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Marcel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Marcel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Marcel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Marcel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_audiocon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_audiocon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_matrix-code-emulator_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_matrix-code-emulator_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Headlight
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Tutorials
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Cheat Engine\OpenCandy
Schlüssel Gelöscht : HKLM\Software\FrEeSoFtOdAy
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\TENCENT
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17207

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 13);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.cntry", "DE");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.firstRun", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.hdrMd5", "849ADD3543AF943F44A4FA66150F2AF9");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.lastActv", "13");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 13);
Zeile gelöscht : user_pref("extensions.iminent.admin", false);
Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.dfltLng", "");
Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false);
Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.iminent.id", "68ccf52e000000000000001f1faa6fb0");
Zeile gelöscht : user_pref("extensions.iminent.instlDay", "16187");
Zeile gelöscht : user_pref("extensions.iminent.instlRef", "");
Zeile gelöscht : user_pref("extensions.iminent.newTab", false);
Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");
Zeile gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.28.3");
Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.28.31:02:23");
Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.28.3");
Zeile gelöscht : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Zeile gelöscht : user_pref("iminent.LayoutId", "1");
Zeile gelöscht : user_pref("iminent.enabledAds", "obsolete");
Zeile gelöscht : user_pref("iminent.trackExternalScripts1", "1398639772825");
Zeile gelöscht : user_pref("iminent.trackExternalScripts2", "1398639772961");
Zeile gelöscht : user_pref("iminent.version", "8.17.2.1");

-\\ Google Chrome v

[ Datei : C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gelöscht [Extension] : ingolnlcamoheiiladeoecpgdbjjmlaf

*************************

AdwCleaner[R0].txt - [26098 octets] - [11/08/2014 18:03:43]
AdwCleaner[S0].txt - [23102 octets] - [11/08/2014 18:11:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23163 octets] ##########


und Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2014 01
Ran by Marcel at 2014-08-11 18:38:07
Running from C:\Users\Marcel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.8.612 - Adobe Systems, Inc.)
AeroFly 5 (HKCU\...\{52989499-E3EF-442C-8B07-B1D2D32388ED}) (Version: 5.00.03.05 - IPACS)
AeroFly Professional Deluxe (HKCU\...\{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}) (Version: 1.11.0723 - IPACS)
aerosoft's - Mega Airport Amsterdam FSX (HKLM-x32\...\{0A297C87-BF52-43FD-AD75-EE72228E4457}) (Version: 1.04 - aerosoft)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.1 - Sereby Corporation)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Anti-reCAPTCHA v4.01 JD (HKLM-x32\...\{74252365-7BB1-437A-8D61-5B0BD1D9AFAA}) (Version: 4.01 - SONY-TEAM)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aquarix 4.18 INTERNATIONAL (HKLM-x32\...\Aquarix4DE_is1) (Version: 4.18 - Aquarix Software)
ArtMoney SE v7.34 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.34 - System SoftLab)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
AudioCon (HKLM-x32\...\AudioCon) (Version: 1.0 - Basement Softworks)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
AVS Audio Editor 7.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.1.487 - Online Media Technologies Ltd.)
AVS Video Editor 6.5 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.5.1.245 - Online Media Technologies Ltd.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BUFFALO INC. DISK FORMATTER (HKLM-x32\...\UN020914) (Version:  - )
BUFFALO TurboUSB for FLASH/HDD (HKLM-x32\...\UN070618) (Version:  - )
BurnAware Free 2.4.3 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware Technologies)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward - Sledgehammer Games)
CameraHelperMsi (x32 Version: 13.10.1217.0 - Logitech) Hidden
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version:  - )
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.3.1.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX870 series Benutzerregistrierung (HKLM-x32\...\Canon MX870 series Benutzerregistrierung) (Version:  - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version:  - )
Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.0.0 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities XL 2011 (HKLM-x32\...\Cities XL 2011) (Version: 1.0.0 - Focus Home Interactive)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CPUID CPU-Z 1.54 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2221 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.0.2221 - CyberLink Corp.) Hidden
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.4511 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1514.54 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.1514.54 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0819 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0819 - CyberLink Corp.) Hidden
CyberLink UDF Reader 5.0 (HKLM-x32\...\{22D90DD2-8654-4E8A-B2F1-B6B86A2BF390}) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.0.0316.0317 - DT Soft Ltd)
DaViDeo 4 professional (HKLM-x32\...\InstallShield_{EF4EA1D8-E44E-41BA-B4C4-B4BEFDFCF2AC}) (Version: 4.0 - G DATA Software AG)
DaViDeo 4 professional (x32 Version: 4.0 - G DATA Software AG) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DivX Converter (HKLM-x32\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
DriverAgent by eSupport.com (HKLM\...\DriverAgent.exe) (Version:  - )
DVDFab 8.1.3.2 (31/10/2011) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
DVDFab 9.0.1.1 (23/11/2012) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKCU\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EHEIM ControlCenter (HKLM-x32\...\EHEIM ControlCenter) (Version: 1.0.5.2 - EHEIM GmbH & Co. KG)
Emergency 2014 (HKLM-x32\...\Emergency 2014) (Version:  - Quadriga Games)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
foobar2000 v1.1.5 (HKLM-x32\...\foobar2000) (Version: 1.1.5 - Peter Pawlowski)
Free FLV Converter V 6.7.3 (HKLM-x32\...\Free FLV Converter_is1) (Version: 6.7.3.0 - Koyote Soft)
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.3.0 - Electronic Arts)
FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.2.0 - Futuremark Corporation)
GameTracker Lite (HKLM-x32\...\GameTracker Lite) (Version:  - ClanServers Hosting LLC.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Glucofacts Deluxe Updater 2.0 (HKCU\...\Glucofacts Deluxe Updater 2.0) (Version:  - Bayer HealthCare LLC)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.25.141 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - Square Enix)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version:  - IO Interactive)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{368E4EF8-E840-40EE-A224-50B8D1DC2B12}) (Version: 2.4.11.0 - HTC)
iBackup Viewer 1.32 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version:  - iMacTools)
iCloud (HKLM\...\{8B485965-8EFE-464A-842F-CF8F18C3DFD7}) (Version: 1.1.0.40 - Apple Inc.)
Image Resizer for Windows (64 bit) (Version: 3.0.4442.6002 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{9dfff2f7-5cd7-4fd4-9b75-7d53b042d94b}) (Version: 3.0.4442.6002 - Brice Lambson)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
iZ3D Driver Remove (HKLM-x32\...\{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1) (Version: 1.10 - iZ3D Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216011F0}) (Version: 6.0.110 - Sun Microsystems, Inc.)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Langenscheidt T1 6.0 (HKLM-x32\...\{57EB87EF-23DF-4A76-9B90-FD7B53E1C6CE}) (Version:  - )
LightScribe System Software (HKLM-x32\...\{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}) (Version: 1.18.24.1 - LightScribe)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.45 (HKLM\...\Logitech Gaming Software) (Version: 8.45.88 - Logitech Inc.)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7248) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS Facebook (x32 Version: 13.10.1216.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.10.1216.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.10.1224.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.10.1224.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.10.1218.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.10.1218.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.00.1216.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.10.1216.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.00.1774.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.00.1774.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.10.1222.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.10.1216.0 - Logitech) Hidden
MakeMKV v1.6.16 (HKLM-x32\...\MakeMKV) (Version: v1.6.16 - GuinpinSoft inc)
MegaTrainer eXperience V1.2.4.9 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
Mein Verein (HKLM-x32\...\{9ACE3A18-EE13-4012-989C-2BCDC95BA6B9}_is1) (Version: 11.0 - Buhl Data Service GmbH)
miCoach Manager (HKLM-x32\...\adidas miCoach Manager_is1) (Version: 5.0.22 - adidas)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Flight (HKLM-x32\...\GFWL_{4D5308D2-DC8E-4658-A37C-351000058100}) (Version: 1.0.0005.129 - Microsoft Studios)
Microsoft Flight (x32 Version: 1.0.0005.129 - Microsoft Studios) Hidden
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Flight Simulator X (x32 Version: 10.0.60905 - Microsoft Game Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
MKVtoolnix 4.5.0 (HKLM-x32\...\MKVtoolnix) (Version: 4.5.0 - Moritz Bunkus)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyTomTom 3.1.0.530 (HKLM-x32\...\MyTomTom) (Version: 3.1.0.530 - TomTom)
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG)
Nero 2014 Content Pack (HKLM-x32\...\{204A26F0-01B8-4656-8607-5CCEDE820BC2}) (Version: 15.0.00200 - Nero AG)
Nero Abstract Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20031 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Burning Core (x32 Version: 15.0.19000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 15.0.19000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero Cliparts (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.22500 - Nero AG) Hidden
Nero Disc Menus 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 2 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 3 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc to Device (x32 Version: 15.0.12010 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Express (x32 Version: 15.0.19000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero Family and Events Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Football (Soccer) Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Holiday and Sports Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Image Samples (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Info (x32 Version: 15.1.0023 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (x32 Version: 15.0.8000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.20.8200 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero PiP Effects 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Platinum Effects 12 (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Recode (x32 Version: 15.0.14000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 15.0.00018 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 15.0.2000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Retro Film Themes (x32 Version: 12.0.11700 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.15003 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden
Nero Video (x32 Version: 15.0.12000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Video Samples (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Video Transitions 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Nur Entfernen der CopyTrans Suite möglich (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{BC39713D-B14D-4BB0-9663-BC9F7B8AB1F2}) (Version: 15.8.801 - O&O Software GmbH)
O&O DriveLED (HKLM\...\{53480150-81CB-4A86-B378-86B6F08AF80B}) (Version: 3.0.1945 - O&O Software GmbH)
Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Paint XP version 1.1 (HKLM-x32\...\{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1) (Version: 1.1 - MSPAINTXP.COM)
Palast Berlin Screensaver (HKLM-x32\...\Friedrichstadt-Palast_Berlin.scr) (Version: 4.5.0.388 - Friedrichstadt-Palaste Berlin)
PC Connectivity Solution (HKLM-x32\...\{089DD780-DB3F-4CDB-A0C2-111360247298}) (Version: 10.24.0.0 - Nokia)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerDVD Ultra (HKLM-x32\...\InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.6 - PowerISO Computing, Inc.)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.11.0 - Ralink)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Roxio BackOnTrack (x32 Version: 4.0 - Roxio) Hidden
Roxio Burn (x32 Version: 1.6 - Roxio) Hidden
Roxio CinePlayer (HKLM-x32\...\{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}) (Version: 5.6 - Roxio)
Roxio CinePlayer (x32 Version: 5.6 - Roxio) Hidden
Roxio CinePlayer Decoder Pack (x32 Version: 4.3.0 - Roxio) Hidden
Roxio Creator 2011 Content (x32 Version: 13.0.098 - Roxio) Hidden
Roxio High-Def Blu-ray Disc Plug-In (x32 Version: 1.0.0 - Roxio) Hidden
Roxio High-Def/Blu-ray Disc Plug-In (HKLM-x32\...\{F7B0FFE6-3EDA-4B7A-A922-78A602E08D30}) (Version: 13.0 - Roxio)
Roxio Video Capture USB (x32 Version: 1.22.0000 - Roxio) Hidden
Roxio WinOnCD 2011 (x32 Version: 1.3.166 - Roxio) Hidden
Roxio WinOnCD Creator 2011 (HKLM-x32\...\{4433FF9E-AF21-4E41-B296-4E13BF4D52F5}) (Version: 13.0 - Roxio)
Roxio WinOnCD Creator 2011 (x32 Version: 6.0.0 - Roxio) Hidden
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.7 - SmartSound Software Inc.) Hidden
Sound Blaster Tactic(3D) Sigma (HKLM-x32\...\{93CFCA51-4484-4211-89EB-39ED3CBDBEB1}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg MyMp3PRO V5.0 (HKLM-x32\...\Steinberg MyMp3PRO V5.0) (Version:  - )
Stellarium 0.10.6.1 (HKLM-x32\...\Stellarium_is1) (Version:  - )
StreamTransport version: 1.1.1.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version:  - )
TomTom HOME 2.8.3.2499 (HKLM-x32\...\TomTom HOME) (Version: 2.8.3.2499 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TriDef 3D 5.1 (HKLM-x32\...\essentials-bundle) (Version: 5.1 - Dynamic Digital Depth Australia Pty Ltd)
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
UltraStar Deluxe (HKLM-x32\...\UltraStar Deluxe) (Version: 1.1 - USDX Team)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Utility (x32 Version: 1.00.0002 - Ihr Firmenname) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Victoria 2 (HKLM-x32\...\Victoria2_is1) (Version: 1.01.00.0 - Paradox Interactive)
Visual C++ 2008 x64 Runtime - (v9.0.30729.5026) (x32 Version: 9.0.30729.5026 - Microsoft Corporation) Hidden
Visual C++ 2008 x64 Runtime - v9.0.30729.5026 (HKLM-x32\...\{0FB0306C-11D8-35F2-9AC9-121FA753F9AD}.vc_x64runtime_30729_5026) (Version: 9.0.30729.5026 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - (v9.0.30729.5026) (x32 Version: 9.0.30729.5026 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.5026 (HKLM-x32\...\{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}.vc_x86runtime_30729_5026) (Version: 9.0.30729.5026 - Microsoft Corporation)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Warner Bros. Digital Copy Manager (HKLM-x32\...\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1) (Version: 1.56 - Warner Bros. Entertainment Inc.)
Warner Bros. Digital Copy Manager (x32 Version: 1.56 - Warner Bros. Entertainment Inc.) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (HKLM-x32\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Live OneCare safety scanner (x32 Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{9C4D79B6-238E-49D8-AEBC-26384EBDE6B3}) (Version: 1.0.1720.1 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WISO Mein Geld 2012 Standard (HKLM-x32\...\WISO Mein Geld 2012 Standard) (Version:  - Buhl Data Service GmbH)
WISO Mein Geld 2012 Standard (x32 Version: 14.0.1.18 - Buhl Data Service GmbH) Hidden
Wondershare Dr.Fone for Android(Build 3.5.1.49) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 3.5.1.49 - Wondershare Software Co.,Ltd.)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-2 - BitNami)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
XviD MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version:  - XviD Development Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2598369041-3088188982-4083831754-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2598369041-3088188982-4083831754-1001_Classes\CLSID\{4D766FD3-B880-49D3-B7BD-6CF925221E04}\InprocServer32 -> C:\Program Files\Brenner\Roxio 2011\Virtual Drive 10\DC_ShellExt64.dll (Sonic Solutions)
CustomCLSID: HKU\S-1-5-21-2598369041-3088188982-4083831754-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2598369041-3088188982-4083831754-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2598369041-3088188982-4083831754-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

05-08-2014 09:20:39 Windows Update
10-08-2014 19:42:13 DirectX wurde installiert
11-08-2014 13:12:39 avast! antivirus system restore point
11-08-2014 13:23:23 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01324AB8-BBFD-4FF7-AB53-5B2079BA632E} - System32\Tasks\{F08037A3-4923-4138-8769-D8DA9E02F3F4} => C:\Users\Marcel\Downloads\120UBPlus_9x_2k_xp\120UBPlus_9x_2k_xp\web.EXE
Task: {097E666B-1F3C-4307-AC81-AA8FB2D2E8E5} - System32\Tasks\{B2B7461B-C901-4B71-B01D-74582910BAB5} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {38C4BC7E-6DED-449E-9E86-D3ED2B7623E0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {41DDCC71-D67C-4F82-A7C9-F7A677966B27} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001UA => C:\Users\Marcel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20] (Google Inc.)
Task: {47F08FDE-86DE-494A-B708-3C7096CDF276} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {59845DF8-7CC9-480A-8F6E-24A452652491} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001UA => C:\Users\Marcel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {968BA856-8CD8-4988-83F4-5F31CD2D7FBB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-20] (Google Inc.)
Task: {9A618043-802E-486D-B137-FC774BD5FF9C} - System32\Tasks\avast! Emergency Update => C:\Program Files\Internet\Avast5\AvastEmUpdate.exe [2014-08-01] (AVAST Software)
Task: {9B082A25-373F-4B97-8B25-E0F06E557CEA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001Core1cc0560e24762f0 => C:\Users\Marcel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20] (Google Inc.)
Task: {A50E763C-8CAD-4B4B-B1CF-9712FADC88BA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001Core => C:\Users\Marcel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {B54904F9-13D8-46FB-B833-159E87309258} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001Core => C:\Users\Marcel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20] (Google Inc.)
Task: {C60319E1-FD22-4BD5-9B93-975B068619D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-20] (Google Inc.)
Task: {DAD5AA81-BCCD-4BEA-84A2-F78DBDA30332} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Nero AG)
Task: {F2E8FF28-C6EB-4B62-ACA2-40F636FAC826} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {FC40455E-7932-47AE-A1F5-D218A2D4509F} - System32\Tasks\{E5A1F114-E623-457D-841C-AB6D432D786D} => C:\Users\Marcel\Downloads\120UBPlus_9x_2k_xp\120UBPlus_9x_2k_xp\web.EXE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001Core.job => C:\Users\Marcel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001UA.job => C:\Users\Marcel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001Core1cc0560e24762f0.job => C:\Users\Marcel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001UA.job => C:\Users\Marcel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-11 00:47 - 2009-08-16 18:06 - 00166400 _____ () C:\Program Files (x86)\System\WinRAR\rarext.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2011-11-29 22:21 - 2014-08-09 02:42 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-14 22:32 - 2013-11-14 22:32 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-08-01 23:30 - 2014-08-01 23:30 - 00301152 _____ () C:\Program Files\Internet\Avast5\aswProperty.dll
2014-08-11 18:06 - 2014-08-11 18:06 - 02795520 _____ () C:\Program Files\Internet\Avast5\defs\14081101\algo.dll
2011-06-07 23:09 - 2010-12-30 15:46 - 01033568 _____ () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll
2014-08-01 23:30 - 2014-08-01 23:30 - 19329904 _____ () C:\Program Files\Internet\Avast5\libcef.dll
2013-10-17 16:40 - 2013-10-17 16:40 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-11-14 22:31 - 2013-11-14 22:31 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-10-17 16:40 - 2013-10-17 16:40 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-10-17 16:40 - 2013-10-17 16:40 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-10-17 16:40 - 2013-10-17 16:40 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-10-17 16:42 - 2013-10-17 16:42 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2013-11-14 22:34 - 2013-11-14 22:34 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2011-05-06 00:07 - 2013-12-07 20:58 - 03363952 _____ () C:\Program Files (x86)\Internet\Mozilla Firefox 3\mozjs.dll
2014-07-09 18:29 - 2014-07-09 18:29 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B174FAE

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BOT4Service => 2
MSCONFIG\Services: CyberLink PowerDVD 12 Media Server Monitor Service => 2
MSCONFIG\Services: CyberLink PowerDVD 12 Media Server Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: LVPrcS64 => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\Services: VMCService => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\startupfolder: C:^Users^Marcel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk => C:\Windows\pss\Serviio.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Büro\Adobe Reader 9\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUSGamerOSD => C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
MSCONFIG\startupreg: ATICustomerCare => "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
MSCONFIG\startupreg: B2C_AGENT => C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
MSCONFIG\startupreg: Bing Bar => "C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\mswinext.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\Medien\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: CPMonitor => "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: dcmsvc => C:\Program Files (x86)\dcmsvc\dcmsvc.exe
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Brenner\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EA Core => "E:\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Marcel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\Marcel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\Medien\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files (x86)\Medien\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: LGODDFU => "C:\Program Files (x86)\System\LG FwUpdate\fwupdate.exe" blrun
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Logitech Vid => "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: MobileConnect => %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: Monitor => C:\Windows\PixArt\PAC207\Monitor.exe
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaMusic FastStart => "C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
MSCONFIG\startupreg: PowerDVD12Agent => "C:\Program Files (x86)\PowerDVD 12\PowerDVD12\PowerDVD12Agent.exe"
MSCONFIG\startupreg: PowerDVD12DMREngine => "C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
MSCONFIG\startupreg: PSDrvCheck => C:\Windows\system32\PSDrvCheck.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\Medien\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: RGSC => E:\Grand Theft Auto\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: TuneClone => C:\Program Files\TuneClone\TuneClone.exe /silence
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\Medien\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Medien\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.0"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\Medien\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Medien\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files (x86)\Medien\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Medien\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\Medien\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Medien\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe

==================== Faulty Device Manager Devices =============

Name: Standard-Diskettenlaufwerkcontroller
Description: Standard-Diskettenlaufwerkcontroller
Class Guid: {4d36e969-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-Diskettenlaufwerkcontroller)
Service: fdc
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2014 06:31:30 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  0xc0041801 (0xc0041801)

Error: (08/11/2014 06:31:30 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=2350} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  0xc0041801 (0xc0041801)

Error: (08/10/2014 11:34:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/10/2014 02:05:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/10/2014 11:49:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2014 10:47:35 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2014 10:47:35 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2014 02:11:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2014 02:11:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2014 02:07:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x4ea78f27
Name des fehlerhaften Moduls: QuickTime.qts, Version: 7.74.80.86, Zeitstempel: 0x5180f322
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001ae24
ID des fehlerhaften Prozesses: 0x180c
Startzeit der fehlerhaften Anwendung: 0xhl2.exe0
Pfad der fehlerhaften Anwendung: hl2.exe1
Pfad des fehlerhaften Moduls: hl2.exe2
Berichtskennung: hl2.exe3


System errors:
=============
Error: (08/11/2014 06:23:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (08/11/2014 06:22:25 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.2.100192.168.0.0255.255.255.0

Error: (08/11/2014 06:22:25 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (08/11/2014 06:21:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Roxio Hard Drive Watcher 12 erreicht.

Error: (08/11/2014 06:20:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LiveUpdate" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/11/2014 06:19:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CyberLink UDF Filesystem" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (08/11/2014 06:19:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\CLBUDFR.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/11/2014 06:18:49 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\CLBStor.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/11/2014 06:18:49 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\CLBStor.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/11/2014 06:18:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\CLBStor.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office Sessions:
=========================
Error: (10/05/2011 10:45:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/08/2011 08:45:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 443 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/30/2010 09:39:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11230 seconds with 900 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-10-29 00:41:33.376
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-10 21:42:12.023
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Windows\System32\atklumdispx.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-10 21:42:11.860
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Windows\System32\atklumdispx.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-29 13:58:03.742
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Windows\System32\atklumdispx.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-04-29 13:58:03.655
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Windows\System32\atklumdispx.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-05-18 17:30:38.797
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Marcel\AppData\Local\Temp\ATICDSDr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-18 17:30:38.754
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Marcel\AppData\Local\Temp\ATICDSDr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-18 17:30:37.857
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Marcel\PC Jürgen\ATI Driver\10-02_legacy_xp32-64_dd_ccc\BIN\aticd64a.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-18 17:30:37.802
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Marcel\PC Jürgen\ATI Driver\10-02_legacy_xp32-64_dd_ccc\BIN\aticd64a.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-18 17:30:35.927
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Marcel\AppData\Local\Temp\ATICDSDr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 8190.49 MB
Available physical RAM: 5819.75 MB
Total Pagefile: 16379.16 MB
Available Pagefile: 13930.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:390.03 GB) (Free:147.14 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Media) (Fixed) (Total:1000.1 GB) (Free:690.77 GB) NTFS
Drive e: (Games) (Fixed) (Total:112.83 GB) (Free:36.23 GB) NTFS
Drive j: (XP-CS) (Fixed) (Total:120.05 GB) (Free:76.11 GB) NTFS
Drive k: (CN-CORE2_M) (Fixed) (Total:931.51 GB) (Free:762.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 3D7BE659)
Partition 1: (Not Active) - (Size=113 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=120 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 1397 GB) (Disk ID: 9057DA76)
Partition 1: (Active) - (Size=390 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1000 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3BE89352)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Freundliche Grüße

Marcel

schrauber 12.08.2014 13:27
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

bodyshot174 12.08.2014 17:22
Combofix:

Code:
ComboFix 14-08-12.01 - Marcel 12.08.2014  17:51:53.1.4 - x64
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.8190.5190 [GMT 2:00]
ausgeführt von:: c:\users\Marcel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xml930B.tmp
c:\programdata\xml935A.tmp
c:\programdata\xml936A.tmp
c:\programdata\xml936B.tmp
c:\programdata\xmlE1C7.tmp
c:\programdata\xmlE2B2.tmp
c:\programdata\xmlE330.tmp
C:\Thumbs.db
c:\users\Marcel\AppData\Local\lame_enc.dll
c:\users\Marcel\AppData\Local\no23xwrapper.dll
c:\users\Marcel\AppData\Local\ogg.dll
c:\users\Marcel\AppData\Local\vorbis.dll
c:\users\Marcel\AppData\Local\vorbisenc.dll
c:\users\Marcel\AppData\Local\vorbisfile.dll
c:\users\Marcel\AppData\Roaming\AcroIEHelpe.txt
c:\users\Marcel\AppData\Roaming\inst.exe
c:\users\Marcel\AppData\Roaming\SQLite3.dll
c:\users\Marcel\AppData\Roaming\srvblck5.tmp
c:\users\Public\invokesi.exe
K:\install.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-07-12 bis 2014-08-12  ))))))))))))))))))))))))))))))
.
.
2014-08-12 16:13 . 2014-08-12 16:13        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-08-12 15:45 . 2014-07-02 03:09        10924376        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{7C1D864E-F727-4D33-9971-62CA62880FAC}\mpengine.dll
2014-08-11 16:35 . 2014-08-11 16:38        --------        d-----w-        C:\FRST
2014-08-11 16:04 . 2010-08-30 06:34        536576        ----a-w-        c:\windows\SysWow64\sqlite3.dll
2014-08-11 16:03 . 2014-08-11 16:17        --------        d-----w-        C:\AdwCleaner
2014-08-11 13:35 . 2014-08-11 13:35        --------        d-----w-        c:\programdata\ATI
2014-08-11 13:34 . 2014-08-11 13:34        --------        d-----w-        c:\users\Marcel\AppData\Roaming\library_dir
2014-08-11 13:30 . 2014-08-12 15:38        --------        d-----w-        c:\users\Marcel\AppData\Roaming\Raptr
2014-08-11 13:30 . 2014-08-11 13:34        --------        d-----w-        c:\program files (x86)\Raptr
2014-08-11 13:30 . 2014-08-11 13:30        --------        d-----w-        c:\program files (x86)\AMD AVT
2014-08-11 13:25 . 2014-08-11 13:25        --------        d-----w-        c:\program files\AMD
2014-08-11 13:21 . 2014-08-11 13:21        --------        d-----w-        C:\AMD
2014-08-11 13:14 . 2014-08-11 13:14        --------        d-s---w-        c:\windows\SysWow64\Microsoft
2014-08-10 23:01 . 2014-08-11 17:43        --------        d-----w-        c:\users\Marcel\AppData\Roaming\GameTracker
2014-08-10 23:01 . 2014-08-10 23:01        --------        d-----w-        c:\program files (x86)\GameTracker
2014-08-09 00:28 . 2014-08-09 00:28        --------        d-----w-        c:\program files (x86)\Battlelog Web Plugins
2014-08-02 15:24 . 2014-08-02 16:32        --------        d-----w-        c:\users\Marcel\AppData\Local\gtk-2.0
2014-08-02 15:24 . 2014-08-02 15:24        --------        d-----w-        c:\users\Marcel\.thumbnails
2014-08-02 15:19 . 2014-08-02 15:19        --------        d-----w-        c:\users\Marcel\AppData\Local\fontconfig
2014-08-02 15:19 . 2014-08-02 16:35        --------        d-----w-        c:\users\Marcel\.gimp-2.8
2014-08-02 15:19 . 2014-08-02 15:19        --------        d-----w-        c:\users\Marcel\AppData\Local\gegl-0.2
2014-08-02 15:17 . 2014-08-02 15:18        --------        d-----w-        c:\program files\GIMP 2
2014-08-02 10:11 . 2014-05-14 16:23        44512        ----a-w-        c:\windows\system32\wups2.dll
2014-08-02 10:11 . 2014-05-14 16:23        58336        ----a-w-        c:\windows\system32\wuauclt.exe
2014-08-02 10:11 . 2014-05-14 16:23        2477536        ----a-w-        c:\windows\system32\wuaueng.dll
2014-08-02 10:11 . 2014-05-14 16:21        2620928        ----a-w-        c:\windows\system32\wucltux.dll
2014-08-02 10:11 . 2014-05-14 16:23        38880        ----a-w-        c:\windows\system32\wups.dll
2014-08-02 10:11 . 2014-05-14 16:23        700384        ----a-w-        c:\windows\system32\wuapi.dll
2014-08-02 10:11 . 2014-05-14 16:20        97792        ----a-w-        c:\windows\system32\wudriver.dll
2014-08-02 10:11 . 2014-05-14 16:17        92672        ----a-w-        c:\windows\SysWow64\wudriver.dll
2014-08-02 10:10 . 2014-05-14 16:23        36320        ----a-w-        c:\windows\SysWow64\wups.dll
2014-08-02 10:10 . 2014-05-14 16:23        581600        ----a-w-        c:\windows\SysWow64\wuapi.dll
2014-08-02 10:10 . 2014-05-14 07:23        198600        ----a-w-        c:\windows\system32\wuwebv.dll
2014-08-02 10:10 . 2014-05-14 07:23        179656        ----a-w-        c:\windows\SysWow64\wuwebv.dll
2014-08-02 10:10 . 2014-05-14 07:20        36864        ----a-w-        c:\windows\system32\wuapp.exe
2014-08-02 10:10 . 2014-05-14 07:17        33792        ----a-w-        c:\windows\SysWow64\wuapp.exe
2014-08-01 21:31 . 2014-08-01 21:31        92008        ----a-w-        c:\windows\system32\drivers\aswStm.sys
2014-08-01 21:31 . 2014-08-01 21:31        29208        ----a-w-        c:\windows\system32\drivers\aswHwid.sys
2014-08-01 21:31 . 2014-08-01 21:31        43152        ----a-w-        c:\windows\avastSS.scr
2014-07-31 13:35 . 2014-07-31 13:35        --------        d-----w-        c:\users\Marcel\AppData\Local\Skype
2014-07-31 13:35 . 2014-07-31 13:35        --------        d-----w-        c:\program files (x86)\Common Files\Skype
2014-07-30 22:48 . 2014-07-30 22:48        --------        d-----w-        c:\users\Marcel\AppData\Roaming\ProtectDISC
2014-07-30 22:42 . 2014-07-30 22:42        --------        d-----w-        c:\program files (x86)\NVIDIA Corporation
2014-07-30 22:41 . 2014-07-30 22:41        --------        d-----w-        c:\program files (x86)\Common Files\Wise Installation Wizard
2014-07-30 22:17 . 2014-07-30 22:17        --------        d-----w-        c:\program files (x86)\Quadriga Games
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-10 11:39 . 2011-11-29 20:21        297088        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2014-08-10 11:39 . 2011-11-27 11:37        297088        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2014-08-10 11:33 . 2010-01-16 15:28        297088        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2014-08-09 00:42 . 2011-11-29 20:21        76152        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2014-08-01 21:31 . 2010-12-18 11:30        427360        ----a-w-        c:\windows\system32\drivers\aswsp.sys
2014-08-01 21:31 . 2013-10-13 09:25        224896        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2014-08-01 21:31 . 2013-10-13 09:25        65776        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys
2014-08-01 21:31 . 2012-03-27 19:03        93568        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2014-08-01 21:31 . 2011-04-15 13:21        1041168        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2014-08-01 21:31 . 2011-01-16 14:01        307344        ----a-w-        c:\windows\system32\aswBoot.exe
2014-08-01 21:31 . 2010-12-18 11:30        79184        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2014-07-10 13:13 . 2010-01-09 00:04        96441528        ----a-w-        c:\windows\system32\MRT.exe
2014-07-09 16:29 . 2012-04-12 16:26        699056        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-09 16:29 . 2011-06-04 05:48        71344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-20 20:14 . 2014-07-09 15:19        266424        ----a-w-        c:\windows\system32\iedkcs32.dll
2014-06-19 01:39 . 2014-07-09 15:19        23464448        ----a-w-        c:\windows\system32\mshtml.dll
2014-06-19 01:06 . 2014-07-09 15:19        2724864        ----a-w-        c:\windows\system32\mshtml.tlb
2014-06-19 01:06 . 2014-07-09 15:19        4096        ----a-w-        c:\windows\system32\ieetwcollectorres.dll
2014-06-19 00:48 . 2014-07-09 15:19        2768384        ----a-w-        c:\windows\system32\iertutil.dll
2014-06-19 00:42 . 2014-07-09 15:19        548352        ----a-w-        c:\windows\system32\vbscript.dll
2014-06-19 00:42 . 2014-07-09 15:19        66048        ----a-w-        c:\windows\system32\iesetup.dll
2014-06-19 00:41 . 2014-07-09 15:19        48640        ----a-w-        c:\windows\system32\ieetwproxystub.dll
2014-06-19 00:41 . 2014-07-09 15:19        83968        ----a-w-        c:\windows\system32\MshtmlDac.dll
2014-06-19 00:32 . 2014-07-09 15:19        51200        ----a-w-        c:\windows\system32\jsproxy.dll
2014-06-19 00:31 . 2014-07-09 15:19        33792        ----a-w-        c:\windows\system32\iernonce.dll
2014-06-19 00:26 . 2014-07-09 15:19        598016        ----a-w-        c:\windows\system32\ieui.dll
2014-06-19 00:24 . 2014-07-09 15:19        139264        ----a-w-        c:\windows\system32\ieUnatt.exe
2014-06-19 00:24 . 2014-07-09 15:19        111616        ----a-w-        c:\windows\system32\ieetwcollector.exe
2014-06-19 00:23 . 2014-07-09 15:19        752640        ----a-w-        c:\windows\system32\jscript9diag.dll
2014-06-19 00:14 . 2014-07-09 15:19        940032        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2014-06-19 00:09 . 2014-07-09 15:19        452608        ----a-w-        c:\windows\system32\dxtmsft.dll
2014-06-18 23:59 . 2014-07-09 15:19        38400        ----a-w-        c:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-18 23:56 . 2014-07-09 15:19        2724864        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2014-06-18 23:53 . 2014-07-09 15:19        195584        ----a-w-        c:\windows\system32\msrating.dll
2014-06-18 23:51 . 2014-07-09 15:19        5721088        ----a-w-        c:\windows\system32\jscript9.dll
2014-06-18 23:50 . 2014-07-09 15:19        85504        ----a-w-        c:\windows\system32\mshtmled.dll
2014-06-18 23:48 . 2014-07-09 15:19        292864        ----a-w-        c:\windows\system32\dxtrans.dll
2014-06-18 23:39 . 2014-07-09 15:19        608768        ----a-w-        c:\windows\system32\ie4uinit.exe
2014-06-18 23:38 . 2014-07-09 15:19        455168        ----a-w-        c:\windows\SysWow64\vbscript.dll
2014-06-18 23:37 . 2014-07-09 15:19        61952        ----a-w-        c:\windows\SysWow64\iesetup.dll
2014-06-18 23:36 . 2014-07-09 15:19        51200        ----a-w-        c:\windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35 . 2014-07-09 15:19        62464        ----a-w-        c:\windows\SysWow64\MshtmlDac.dll
2014-06-18 23:33 . 2014-07-09 15:19        631808        ----a-w-        c:\windows\system32\msfeeds.dll
2014-06-18 23:27 . 2014-07-09 15:19        1249280        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2014-06-18 23:27 . 2014-07-09 15:19        2040832        ----a-w-        c:\windows\system32\inetcpl.cpl
2014-06-18 23:23 . 2014-07-09 15:19        112128        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2014-06-18 23:22 . 2014-07-09 15:19        592896        ----a-w-        c:\windows\SysWow64\jscript9diag.dll
2014-06-18 23:06 . 2014-07-09 15:19        32256        ----a-w-        c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58 . 2014-07-09 15:19        2266112        ----a-w-        c:\windows\system32\wininet.dll
2014-06-18 22:52 . 2014-07-09 15:19        4254720        ----a-w-        c:\windows\SysWow64\jscript9.dll
2014-06-18 22:51 . 2014-07-09 15:19        13527040        ----a-w-        c:\windows\system32\ieframe.dll
2014-06-18 22:46 . 2014-07-09 15:19        1068032        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45 . 2014-07-09 15:19        1964544        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2014-06-18 22:34 . 2014-07-09 15:19        1393664        ----a-w-        c:\windows\system32\urlmon.dll
2014-06-18 22:15 . 2014-07-09 15:19        846336        ----a-w-        c:\windows\system32\ieapfltr.dll
2014-06-18 22:13 . 2014-07-09 15:19        1791488        ----a-w-        c:\windows\SysWow64\wininet.dll
2014-06-18 02:18 . 2014-07-09 15:08        692736        ----a-w-        c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-09 15:08        646144        ----a-w-        c:\windows\SysWow64\osk.exe
2014-06-18 01:10 . 2014-07-09 15:08        3157504        ----a-w-        c:\windows\system32\win32k.sys
2014-06-06 10:10 . 2014-07-09 15:07        624128        ----a-w-        c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-09 15:07        509440        ----a-w-        c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-09 15:02        1460736        ----a-w-        c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-09 15:02        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-09 15:02        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
2014-05-30 08:08 . 2014-07-09 15:07        210944        ----a-w-        c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-09 15:07        86528        ----a-w-        c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-09 15:07        340992        ----a-w-        c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-09 15:07        314880        ----a-w-        c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-09 15:07        307200        ----a-w-        c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-09 15:07        728064        ----a-w-        c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-09 15:07        22016        ----a-w-        c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-09 15:07        172032        ----a-w-        c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-09 15:07        65536        ----a-w-        c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-09 15:07        247808        ----a-w-        c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-09 15:07        220160        ----a-w-        c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-09 15:07        259584        ----a-w-        c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-09 15:07        550912        ----a-w-        c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-09 15:07        17408        ----a-w-        c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-09 15:07        497152        ----a-w-        c:\windows\system32\drivers\afd.sys
2014-05-18 20:18 . 2014-05-18 20:18        11899396        ----a-w-        c:\windows\FRIEDRIC.sCr
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-07-30 55360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"AvastUI.exe"="c:\program files\Internet\Avast5\AvastUI.exe" [2014-08-01 4085896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-04-17 767200]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files (x86)\Ralink\Common\RaUI.exe -s [2011-6-7 11474272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute        REG_MULTI_SZ          autocheck autochk *\0OODBS
.
R0 CLBStor;CyberLink InstantBurn UDF Reader Help Driver; [x]
R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys;c:\windows\SYSNATIVE\DRIVERS\EIO64.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 CLBUDFR;CyberLink UDF Filesystem; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [x]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandmodem64.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 AndNetGps;LGE AndroidNet USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandnetgps64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetgps64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x]
R3 ATICDSDr;ATICDSDr;c:\users\Marcel\AppData\Local\Temp\ATICDSDr.sys;c:\users\Marcel\AppData\Local\Temp\ATICDSDr.sys [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 bfturboh;BUFFALO TurboUSB for HD Filter;c:\windows\system32\drivers\bfturboh.sys;c:\windows\SYSNATIVE\drivers\bfturboh.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x]
R3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys;c:\windows\SYSNATIVE\Drivers\LGPBTDD.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x]
R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;c:\windows\system32\DRIVERS\libusb0.sys;c:\windows\SYSNATIVE\DRIVERS\libusb0.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys;c:\windows\SYSNATIVE\drivers\ccdcmbox64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys;c:\windows\SYSNATIVE\drivers\ccdcmbx64.sys [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
R3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB64.sys;c:\windows\SYSNATIVE\DRIVERS\Ph3xIB64.sys [x]
R3 RaMediaServer;Ralink UPnP Media Server;c:\program files (x86)\Ralink\Common\RaMediaServer.exe;c:\program files (x86)\Ralink\Common\RaMediaServer.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RoxMediaDB13;RoxMediaDB13;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys;c:\windows\SYSNATIVE\drivers\CM10664.sys [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x]
R3 zlportio;zlportio;g:\software\Audio - Bearbeitung\Ultrastar\Ultrastar-Deluxe-100\zlportio.sys;g:\software\Audio - Bearbeitung\Ultrastar\Ultrastar-Deluxe-100\zlportio.sys [x]
R4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [x]
R4 BOT4Service;BOT4Service;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe [x]
R4 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;c:\program files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x]
R4 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;c:\program files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x]
R4 LVPrcS64;Process Monitor;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [x]
R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 OODrvled;OODrvled;c:\windows\system32\DRIVERS\OODrvled.sys;c:\windows\SYSNATIVE\DRIVERS\OODrvled.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys;c:\windows\SYSNATIVE\Drivers\Sahdad64.sys [x]
S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys;c:\windows\SYSNATIVE\Drivers\Saibad64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 tclondrv;tclondrv;c:\windows\system32\DRIVERS\tclondrv.sys;c:\windows\SYSNATIVE\DRIVERS\tclondrv.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 iZ3DInjectionDriver;Driver inject our D3D and OGL wrappers;c:\program files (x86)\iZ3D Driver\Win64\S3DInjectionDriver.sys;c:\program files (x86)\iZ3D Driver\Win64\S3DInjectionDriver.sys [x]
S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys;c:\windows\SYSNATIVE\Drivers\SaibVdAd64.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/12/28 20:10];c:\program files (x86)\PowerDVD 12\PowerDVD12\Common\NavFilter\000.fcl;c:\program files (x86)\PowerDVD 12\PowerDVD12\Common\NavFilter\000.fcl [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe;c:\program files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz133_x64.sys [x]
S2 GS In-Game Service;GS In-Game Service;c:\program files (x86)\GameTracker\GSInGameService.exe;c:\program files (x86)\GameTracker\GSInGameService.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys;c:\program files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x]
S2 O&O DriveLED;O&O DriveLED Service;c:\program files\System\O&O Software\DriveLED\oodlag.exe;c:\program files\System\O&O Software\DriveLED\oodlag.exe [x]
S2 OODefragAgent;O&O Defrag;c:\program files\System\O&O Software\Defrag 15\oodag.exe;c:\program files\System\O&O Software\Defrag 15\oodag.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Ralink\Common\RaRegistry64.exe;c:\program files (x86)\Ralink\Common\RaRegistry64.exe [x]
S2 S3D Service (Win32);S3D Service (Win32);c:\program files (x86)\iZ3D Driver\Win32\S3DCService.exe;c:\program files (x86)\iZ3D Driver\Win32\S3DCService.exe [x]
S2 S3D Service (Win64);S3D Service (Win64);c:\program files (x86)\iZ3D Driver\Win64\S3DCService.exe;c:\program files (x86)\iZ3D Driver\Win64\S3DCService.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 lgbusenum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SaiK0728;SaiK0728;c:\windows\system32\DRIVERS\SaiK0728.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK0728.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 13:05        451872        ----a-w-        c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 16:29]
.
2014-08-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001Core.job
- c:\users\Marcel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-13 21:40]
.
2014-08-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001UA.job
- c:\users\Marcel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-13 21:40]
.
2014-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-21 12:33]
.
2014-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-21 12:33]
.
2014-08-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001Core1cc0560e24762f0.job
- c:\users\Marcel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 12:33]
.
2014-08-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001UA.job
- c:\users\Marcel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 12:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-01 21:31        634872        ----a-w-        c:\program files\Internet\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"OODefragTray"="c:\program files\System\O&O Software\Defrag 15\oodtray.exe" [2012-06-06 3998064]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-02-28 7468784]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~2\BRO~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search
FF - prefs.js: browser.search.selectedEngine - Microsoft (Bing)
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=AV01
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search
FF - prefs.js: network.proxy.ftp - hxxp://americanproxie.info/
FF - prefs.js: network.proxy.ftp_port - 66
FF - prefs.js: network.proxy.http - hxxp://americanproxie.info/
FF - prefs.js: network.proxy.http_port - 66
FF - prefs.js: network.proxy.socks - hxxp://americanproxie.info/
FF - prefs.js: network.proxy.socks_port - 66
FF - prefs.js: network.proxy.ssl - hxxp://americanproxie.info/
FF - prefs.js: network.proxy.ssl_port - 66
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2014-07-14 18:22; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Internet\Mozilla Firefox 3\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
FF - ExtSQL: !HIDDEN! 2012-07-29 11:25; {9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}; c:\users\Marcel\AppData\Roaming\14001.006
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Wondershare Helper Compact.exe - c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files (x86)\Medien\DivX\DivXCodecUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\PowerDVD 12\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2598369041-3088188982-4083831754-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d0,95,78,df,bb,a3,f3,55,e4,c6,cf,e9,38,de,23,b0,72,8b,b3,03,59,30,1d,
  37,f6,1a,f2,19,0f,f2,db,51,79,91,1e,13,01,8b,e2,5b,0d,3f,84,d5,30,3c,77,22,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-2598369041-3088188982-4083831754-1001\Software\SecuROM\License information*]
"datasecu"=hex:5c,8d,18,e8,6a,4e,cd,d5,67,4e,a4,91,f1,2c,fa,f5,79,c5,28,f5,2a,
  b6,e5,5e,dc,48,9d,b4,50,ca,a9,8a,2c,9b,09,5e,6d,a5,ee,31,7a,81,67,23,40,d1,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="30223B8BD013AB3604494EEBD33C33CE0DA41BA48D976E7534D3AED067AC7CBD0B4E9FBC4FCA2F61B527BBFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3D9DB7CE019D40AA5CA2D97226D213B55585CEE68BC67CAFC4C468A66708C7F1F7E1DE7D4D44A2A3616BB4D2313E76DE97DBBA7B3D595FFE0605CA801E4B12E3150AD6E793E1924BAB6AD216D2CB4031771B58B942082E4F0B35B1CC75CEC69CCAAA24A10816CB66AA9393033FA816F5B50B71DE00C238C9F215FE8A8E485D56861CD90B2C048862B7F962F973FE196CBC95E6ED8EDCA41CD188A6FB40D5A050275B2248B1B0DA31A2D3BCA01DDBBC5466C92A2CBC8E6DFAAF96B0AA1477305104893A428184A445ACF9B5E023334B7581DB43240D715F9C89EAB85FCA917D9CE5EA7324B6CE1F1A8A6A72669D5BE098D0A0CCA333069C3ACE58712AD4ED4F01096AB2DE203F55A9E7C7ADA2590E6E0B8B93F7BD19B01B93E3CF1C5E59B6C0CD9E1271A5C26C2675E1D636CCD5E9B81EDC550648DC36A4EBA0E9139233FD41564B95BCF155CEC7828A036EDA48F0D728E3A64FDC50C4D608CFE2C12270B693F12947367F4244BF5AE8D94C8C988AB983B3EFBE5A77692435B21A28AD543BCD7BC422934D2A0EEA87768BD9E1E4001F8C533AD3E18D99D0BFFD155C16D3C55AD39E419D2061D1781C21EF351FFB801BA53D3721DA7F2CF87AD77904831C78795FACE63180ED996D2CC980114FE39D98B4E0B7CFEDEDDA08BDDD95DC6188573C8356F7C03B0CD0A0D0485A33BED2CFD3A2A132980B304741639F56B75E2E4A0B2E7BFBCFDEAB4ABC2666C0F67EB7EEDB5C5643CC634EF3B949A0D2F76E521E9E4DE92179C06F3C434DE09849E3333B975549A9CEEC0648DAD259BF95C7F082085569B8E879AFBD876AEA6B2E8717D5BE03B9471562C88F6466B6FB1EE4B60DA8BDB036E163774EB1A72AE7B9476E46DEDDDB232D413DF8E5EE1686B08686353702EEB3B79F86CDBCAF396097C3F5F4576455E8344CBB98C5DA4F02023077D7BF23446DD492CF83F7B325C986E29B335F17C2E6DE09D266BE1DA6B7592754B420A2C44536647C17886970BED74D06B1FC7DB010734242BB5CACDA1315F79AF18B0AF93E6D806617658990FB71EF0D078EA0A47C4E86815983039AA324707D168763E1829F181DF35BCD70E44EFB3E2DC48D15E4DCA6B9E2E79F0B9D8AA5E38DEFBF6CDF849E658209FAED7EFCE7D883A3556C29243947DE9305C1D8E1EDE7AAF4B1FE456B4CB47EE1D25B729F6AD14B0510094DBA19BCB9E4B94ED155E3D79F95517348B41DB884309E7E8F6C03D12C94D33F764CE3DF410D48AD27A5E6B6862C3B15A25652D0948C2C10C7ADF134AFD342D5F0187BA82B"
"OODEFRAG15.00.00.01PROFESSIONAL"="AE293E862BBEC74AF01FDF7067DDAC1AB984B67F7A744BADEA6784B312735EABA6A26DF46F1E7DA39D753BCFC38230726F692FF30E4781729402649A9A48AFF86244C0A20181E427150E7A1243CFFE8DF0B12A58EB77EE9A70F5EAE84B05A15B02528E253A78748B56055F1571414B743F7AF3EBEF8DA0259F7D8EE3735FB5E7684195E6FA83CA98A4AF8E8760C5EA489F1338437D81C42609062526E47D9545BB3CF4A8A616A8AD8A9513ED233DD6381B000BC9F8C5ACC2D530691E787C0E31E9A231FA251B723AD2F1589ED37F2E8BFD7BE1BA4DBA51B8FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A6171C11EC38DE3DA9C6AECB7A5D1407BA7FD869164D6794F02D5450A82BFB48197F01D5B77067A90A6B1D1CD84C315EC665466680B11DB50DC7372D5503F8F871765ADFDC9BF0E08F54F0862EAEFB544507C127BB7258FA048D5AF6269D1399302165EEA633A4C50A6C0D9D801E1A66338FE7CC8C9F5005BA738200CD8B3F6739F06FBA1652D18AFE42E59841E153DCD9477936F4CD674FD9A05BE97D4D1834360A2A49B1896BF6B915588767379293C2AF9B197E06226B4C70F0AD715A5AE715442DF8835A88E5C8DC24CA6E4DE8F93CF7D679B2C4A780C272B417E31AE8FA07ACF2F917BC63467CC26D1AD4C88995DA8916B4A2FCC6C531E9FB44166E49FC8084D8507F99DA9CEAA239FC9CC04CFDF47DAB7661907089CF4F802C4DA5A58FBABF22D652D2F2FE708FF5524DC12E6026A1C9C2075B38AC9A4D5F93D1084CE9338774B82A3A5119A9CFEFCAEF4B4DFC4E7A8BF1AE29D8A5D2C41A97EF4E2E542B375B76A21642A9F8D9DC6E95526E268F3D6A2DF93AAD7C7BC71628F8A7E0AFA75FC466DEA2B385055E53154F3E7A4651D4C97309C437CD5D9D1D09C0B520EB71458230050E3712B73DCEEC346B7BD83EDEEB9706F11C4D0442DCD1A00EC7909561CA50BC7C07CBBE8C2DF7DD2A236E46AFF9C01C5FA43EBF6665ECF43B5B38E560B91934837BC10C16B48C6DBDC32B1D4C80697A9B3D7A256CAC1C9E3B808F77A14BAD9E2F1497D6560B5402DD56C738706FDFD5ADF66E8B6B0D7282007F5BA23B6487B07EF30419FE3C4B4638F68E530A1B48650E071D10B042D708EE48EE06F44972A3E262D110F637C4E1EBE362EDBA3C18E3AAC59A13B9EF089C63EBB602CA2691B5C649E1BED650E6040C82B5CBD96F9A91E13090373B991232A920B03BEE87572881B7A56A6C3DAA60A1DA9272F2B46D328CE73CE59CA95ABA863FED1B44E18E416461A49E399ADEADA818132FC2F1060E70316FCA79EB1932ACC696CE638AD1CA319DFBA8F1E62325118A690FBC6CA86FCCF48E56A093D99248D863481ABB92119FE4D99A0087EF85BFA5D8"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-08-12  18:19:37
ComboFix-quarantined-files.txt  2014-08-12 16:19
.
Vor Suchlauf: 18 Verzeichnis(se), 152.732.270.592 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 157.257.621.504 Bytes frei
.
- - End Of File - - F5DF5EF2B661B2EEC9869E4A48B9C187
72B8CE41AF0DE751C946802B3ED844B4

schrauber 12.08.2014 18:50
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:59 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131