Trojaner-Board - lrcnta + srptm, graue Felder

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - lrcnta + srptm, graue Felder (https://www.trojaner-board.de/158379-lrcnta-srptm-graue-felder.html)

lrcnta + srptm, graue Felder

Hallo,
es öffnen sich seit gestern
2 graue Felder grauen Feld (lrcnta + srptm), beim weggeklicken :twak:erscheinen sie sie im Sekundentakt.
Arbeiten am Rechner ist unmöglich.
Ich muß dazu sagen, dass ich jetzt von meinem Rechner schreibe, das Problem ist auf dem Rechner meines Mannes.

Kann mir jemand helfen?

Schöne Grüße Ute

Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Hallo Cosinus,

schon beim Runterladen des Farbar's Recovery Scan Tool´s reagiert das Programm nicht mehr. Wir kommen bis zum Scan, dann ist Feierabend. Der Balken bleibt stehen bei: Scanning Registry: HKCU/Software/Classes/CLSID.

das Virenprogramm läßt den download zu

Das Virenprogramm G-Data hat einen Virus gefunden. Keine Ahnung welchen, mein Mann hat ihn sofort gelöscht.

Nach langem experimentieren sind weitere Probleme entstanden.
Weder Farbar's Recovery Scan Tool noch Malwarebytes Anti-Malware können ihren Job machen. Beide Programme reagieren mit der Zeit nicht mehr und sind dann verschwunden.
Puhhh, habt Ihr noch eine Möglichkeit?
Gruß Ute

GDATA komplett deaktivieren, dann mit FRST nochmal probieren

Nach nochmaligen Versuchen Malwarebytes zu aktivieren (mit G-Data aus) kommt das graue Feld:
Malewarebytes Anti-Maleware funktioniert nicht mehr. Das Programm wird aufgrund eines Problems nicht richtig ausgeführt. Das Programm wird geschlossen und Sie werden benachrichtigt, wenn eine Lösung verfügbar ist.

Und nix geht mehr.

Wir sind immer noch bei FRST, nicht bei malwarebytes

Sorry,
bei FRST ist es so wie mit G-Data und ohne, ich komme bis "Scan" und dann bleibt das Programm (eigentlich der ganze Rechner) stehen. Nichts tut sich. Erst wenn der Task-Manager das Programm beendet läuft der Rechner wieder.

In Windows mit einem anderen Benutzerkonto anmelden und von da aus erneut FRST runterladen und starten. Falls kein anderes Benutzerkonto da ist, musst du eins mit Adminrechten erstellen über die Systemsteuerung/Benutzerkonten

Guten Morgen,
Benutzerkonto geändert, MS Windows sagt, Windows-Sidebar funktioniert nicht mehr.
Er hängt sich auf, Task-Manager anschließend auch. Anzeige: "Keine Rückmeldung"

Seit 1 Std. schon

Und weiter? Was ist jetzt mit FRST?

ich komme nicht soweit. FRST wird gestartet und bleibt stehen bei: Scanning Registry: HKCU/Software/Classes/CLSID.

Welches Windows hast du da eigentlich? Vista? 7? 8? 8.1?

Obwohl die Administrationsrechte geändert sind.

Zitat:

Zitat von cosinus (Beitrag 1355936)

Welches Windows hast du da eigentlich? Vista? 7? 8? 8.1?

wo kann ich das erfahren?

Hab über Tune Up nachgesehen.
Vista Home Premium 64 bit.
Version 6.0.6002 Service Pack 2

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01

Ran by Ute (administrator) on MANOPOST-PC on 08-09-2014 12:14:52

Running from C:\Users\Ute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1IGUS3K

Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 9

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe

(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe

(AOL LLC) C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe

(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe

(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

() C:\Program Files (x86)\LPT\srpts.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

() C:\Program Files (x86)\LPT\srptsl.exe

() J:\Tobit Radio.fx\Server\rfx-server.exe

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe

(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe

() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKBap64.exe

(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(AOL, LLC.) C:\Program Files (x86)\AOL 9.0 VR\waol.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe

(America Online, Inc.) C:\Program Files (x86)\Common Files\aol\1231342872\ee\aolsoftware.exe

(AOL, LLC.) C:\Program Files (x86)\AOL 9.0 VR\shellmon.exe

(TuneUp Software) C:\Windows\System32\TuneUpDefragService.exe

() C:\Program Files (x86)\LPT\srptm.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe

(America Online Inc) C:\Program Files (x86)\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe

(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

(Microsoft Corporation) C:\Windows\System32\msiexec.exe

(Farbar) C:\Users\Ute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1IGUS3K\FRST64[1].exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)

HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe

HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)

HKU\.DEFAULT\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 

HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 

HKU\S-1-5-21-243317379-2889874547-3061927781-1001\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL 9.0 VR\AOL.EXE [50480 2007-06-21] (AOL, LLC.)

AppInit_DLLs: C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil64.dll File Not Found

AppInit_DLLs-x32: C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil.dll => "C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil.dll" File Not Found

IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\bip_camera1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\browser7.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\btassist1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\coverdes.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\discspeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\drivespeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\eccenter1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\express.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\frontpg.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\infotool.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\lifecam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\mobiletrans.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\mypc backup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\nero.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\neroburnrights.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\nerohome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\neromediahome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\nerorescueagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\neroscoutoptions.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\nerovision.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\osa.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\photosnap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\photosnapviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\pptview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\recode.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\setupx.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\showtime.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\soundtrax.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\tosbtmng.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\tosbtproc1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\usrguide.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\waveedit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\wirelessftp1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\wlangui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\zune.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/cpm-redir/ie-9.html

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-9.html

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.t-online.de/cpm-redir/ie-9.html

hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-9.html

hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1408538863&from=cor&uid=395049983_1052451_7047A004

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1408538863&from=cor&uid=395049983_1052451_7047A004

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

URLSearchHook: HKLM-x32 - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} -  No File

URLSearchHook: HKLM-x32 - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)

URLSearchHook: HKLM-x32 - (No Name) - {b106b661-3e1b-4015-af5c-195e909f35c6} - No File

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}

SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}

SearchScopes: HKLM - {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933

SearchScopes: HKLM - {F137222E-6DE9-44E9-8EF2-CC5A8D3833BB} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de

SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpXhO1w6Yb0c1W9-FhgkQWK4Ehfdcz3I3UPArKQFSZNlsdq5hyma9cy00L27XTCH8NP7vFjk0yFgGduK9dBuoGkYUY0-22LRv-4czOZ-p-bZAf0CeOHjuDAscDUZ6_hKRoRcEYt0oaxLZu2rTwuPYGxxcvT1FlCb8enA,,&q={searchTerms}

SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpXhO1w6Yb0c1W9-FhgkQWK4Ehfdcz3I3UPArKQFSZNlsdq5hyma9cy00L27XTCH8NP7vFjk0yFgGduK9dBuoGkYUY0-22LRv-4czOZ-p-bZAf0CeOHjuDAscDUZ6_hKRoRcEYt0oaxLZu2rTwuPYGxxcvT1FlCb8enA,,&q={searchTerms}

SearchScopes: HKLM-x32 - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=tb50-ie-aolde-chromesbox-de-de

SearchScopes: HKLM-x32 - {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933

SearchScopes: HKCU - DefaultScope {83CB6700-9424-4FE4-B1F4-F9BC555167F3} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi

SearchScopes: HKCU - {6C7BD9C4-A466-46C4-82C4-CC66701D1395} URL = hxxp://rover.ebay.com/rover/1/707-1403-276402/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={sear chTerms}

SearchScopes: HKCU - {83CB6700-9424-4FE4-B1F4-F9BC555167F3} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi

SearchScopes: HKCU - {E6396811-2413-44EC-A69B-A788B0E124FC} URL = hxxp://suche.t-online.de/fastcgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&d ia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wikitab_internet_std&q={searchTerms}&br=ie7-toi

SearchScopes: HKCU - {F048D832-4CD6-4A55-AAC4-45E3EE19F9B4} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag= interactivemesuche21&index=blended&linkCode=ur2&camp=1638&creative=6742

BHO: SafeFinder SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: AOL Deutschland Toolbar Loader -> {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} -> C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)

BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)

BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM - SafeFinder Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)

Toolbar: HKLM-x32 - AOL Deutschland Toolbar - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)

Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)

DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: HKLM-x32 {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab

DPF: HKLM-x32 {477E2667-7E7A-4737-BFF5-121D68EF7816} hxxp://musikdownloads.aol.de/imcdms-static/code/AOL%20Download%20Assistent.ocx

DPF: HKLM-x32 {74E4A24D-5224-4F05-8A41-99445E0FC22B} hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab

DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)

Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ No File

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)

FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File

FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @funwebproducts.com/Plugin -> C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFunWeb.dll No File

FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)

FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-21]

FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799

FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-26]

FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-07]

FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Manopost\AppData\Roaming\Mozilla\Firefox\Profiles\rjmb4qdq.default\extensions\faststartff@gmail.com

FF Extension: Fast Start - C:\Users\Manopost\AppData\Roaming\Mozilla\Firefox\Profiles\rjmb4qdq.default\extensions\faststartff@gmail.com [2014-08-20]
 

Chrome: 

=======

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]

CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-05-01]

CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S4 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-07-30] (G Data Software AG)

R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)

R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [356352 2006-12-28] (AVM Berlin) [File not signed]

S4 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2009-01-28] (BOONTY) [File not signed]

S4 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [112128 2014-08-26] (Deutsche Telekom AG) [File not signed]

R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]

S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)

R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)

S3 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed]

R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-10-16] (Hewlett-Packard Co.) [File not signed]

S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]

R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32768 2014-08-27] ()

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]

S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)

S4 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]

R2 Radio.fx; J:\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()

S4 ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [File not signed]

R3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [506696 2010-02-27] (TuneUp Software)

S3 TuneUp.ProgramStatisticsSvc; C:\Windows\System32\TUProgSt.exe [842056 2010-02-27] (TuneUp Software)

R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)

R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-20] (AVG Secure Search)

S2 scores; C:\Windows\score.exe [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)

S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)

S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [103936 2013-04-23] (LG Electronics Inc.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2010-07-22] ()

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-20] (AVG Technologies)

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2006-12-28] (AVM Berlin)

S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [34704 2010-02-05] (CSR, plc)

R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2006-12-28] (AVM GmbH)

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-09-01] (G Data Software AG)

R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-06] (G Data Software AG)

R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-09-01] (G Data Software AG)

R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-06] (G Data Software AG)

R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-09-01] (G Data Software AG)

R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-08-31] (G Data Software)

R3 HCW3x64; C:\Windows\System32\DRIVERS\HCW3x64.sys [1087872 2007-03-26] (Hauppauge Computer Works inc.)

R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-06] (G Data Software AG)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2010-07-22] ()

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-08] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)

S4 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [166944 2008-06-06] (NVIDIA Corporation)

S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1368960 2006-09-30] (Philips Semiconductors GmbH)

S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()

S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-08-20] ()

R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)

R1 {5eeb83d0-96ea-4249-942c-beead6847053}Gt64; C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys [60056 2014-09-06] (StdLib)

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-09-08 09:47 - 2014-09-08 09:47 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Adobe

2014-09-08 09:46 - 2014-09-08 11:00 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\TuneUp Software

2014-09-08 09:46 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\TuneUp Software

2014-09-08 09:45 - 2014-09-08 09:45 - 00000951 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\AOL

2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Local\AOL

2014-09-08 09:44 - 2014-09-08 09:45 - 00000941 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-09-08 09:44 - 2014-09-08 09:44 - 00000936 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-09-08 09:42 - 2014-09-08 09:44 - 00000917 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-09-08 09:41 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\VirtualStore

2014-09-08 09:41 - 2014-09-08 09:44 - 00000000 ____D () C:\Users\Ute

2014-09-08 09:41 - 2014-09-08 09:41 - 00000020 ___SH () C:\Users\Ute\ntuser.ini

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Vorlagen

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Startmenü

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Netzwerkumgebung

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Lokale Einstellungen

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Eigene Dateien

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Druckumgebung

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Musik

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Bilder

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Verlauf

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Anwendungsdaten

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Anwendungsdaten

2014-09-08 09:41 - 2014-04-09 17:34 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Garmin

2014-09-08 09:41 - 2011-11-18 04:55 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Macromedia

2014-09-08 09:41 - 2010-11-16 00:09 - 00000000 ____D () C:\Users\Ute\AppData\Local\Microsoft Help

2014-09-08 09:41 - 2008-01-21 05:20 - 00000000 ___RD () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-09-08 09:41 - 2008-01-21 05:20 - 00000000 ___RD () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-09-08 08:03 - 2014-09-08 08:03 - 00003631 _____ () C:\Users\Manopost\Downloads\FRST.txt

2014-09-08 08:02 - 2014-09-08 08:03 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64(1).exe

2014-09-08 07:44 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll

2014-09-08 07:44 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll

2014-09-08 07:43 - 2014-09-08 07:43 - 01101648 _____ () C:\Users\Manopost\Downloads\HijackThis - CHIP-Installer.exe

2014-09-07 19:19 - 2014-09-07 19:19 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64.exe

2014-09-07 16:20 - 2014-09-08 10:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-07 16:19 - 2014-09-07 16:19 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-09-07 16:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-09-07 16:19 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-09-07 16:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-09-07 16:18 - 2014-09-07 16:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manopost\Downloads\mbam-setup-2.0.2.1012.exe

2014-09-07 15:00 - 2014-09-08 12:14 - 00000000 ____D () C:\FRST

2014-09-07 10:24 - 2014-09-07 10:24 - 00388152 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-09-07 10:23 - 2014-09-07 10:23 - 00185186 _____ () C:\Windows\PFRO.log

2014-09-06 23:41 - 2014-09-06 23:42 - 00895120 _____ (Google Inc.) C:\Users\Manopost\Downloads\ChromeSetup.exe

2014-09-06 23:27 - 2014-09-06 23:27 - 00000000 ____D () C:\Users\Manopost\Documents\PC Speed Maximizer

2014-09-06 23:27 - 2014-09-06 04:13 - 00060056 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys

2014-09-06 23:24 - 2014-09-07 16:25 - 00000000 ____D () C:\Program Files (x86)\LPT

2014-09-06 23:24 - 2014-09-06 23:24 - 00106712 _____ () C:\Users\Manopost\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-06 23:24 - 2014-09-06 23:24 - 00002379 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

2014-09-06 23:22 - 2014-09-07 00:24 - 00000000 ____D () C:\Users\Manopost\AppData\Local\LPT

2014-09-06 23:22 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Smartbar

2014-09-06 23:16 - 2014-09-06 23:57 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Gameo

2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\Desktop\Play Games Online.url

2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url

2014-09-06 23:16 - 2014-09-06 23:16 - 00000000 ___HD () C:\Users\Manopost\AppData\Roaming\GoldenGate

2014-09-06 21:50 - 2014-09-06 21:50 - 00602112 _____ (OldTimer Tools) C:\Users\Manopost\Desktop\OTL.exe

2014-09-06 16:11 - 2014-09-06 16:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Deployment

2014-09-01 23:00 - 2014-09-01 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA ANTIVIRUS

2014-08-28 21:52 - 2014-08-23 03:05 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-08-28 21:52 - 2014-08-23 02:42 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-08-28 21:52 - 2014-08-23 01:38 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-08-27 10:03 - 2014-08-27 10:03 - 00000630 _____ () C:\Users\Manopost\Desktop\BLT14-15_209.exe - Verknüpfung.lnk

2014-08-27 09:52 - 2014-08-27 09:52 - 00724992 _____ (Maximilian Stangel) C:\Users\Manopost\Downloads\BLT14-15_209.exe

2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb

2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar

2014-08-26 18:52 - 2014-08-31 22:03 - 00000000 ___HD () C:\Users\Public\Temp

2014-08-26 18:49 - 2014-08-26 18:50 - 00000000 ____D () C:\Users\Public\29B3597AA0BC4491BC3F1A409CD7CF3F

2014-08-26 14:15 - 2013-12-27 16:17 - 37650432 _____ () C:\Users\Manopost\Desktop\M2U00050.MPG

2014-08-26 13:28 - 2014-09-06 23:26 - 00000000 ____D () C:\Users\Manopost\Desktop\Tablet

2014-08-26 13:13 - 2014-08-26 13:13 - 00000000 ____D () C:\ProgramData\Telekom-Browser 7

2014-08-25 17:43 - 2014-09-07 01:20 - 00000000 ___RD () C:\Users\Manopost\Dropbox

2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Program Files (x86)\Dropbox

2014-08-25 17:39 - 2014-09-06 22:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Dropbox

2014-08-25 07:52 - 2014-08-25 07:52 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Adobe

2014-08-22 15:27 - 2014-08-22 15:27 - 00000000 ____D () C:\ProgramData\Xerox

2014-08-22 14:28 - 2014-09-06 23:32 - 00000000 ____D () C:\Users\Manopost\Desktop\Neuer Ordner

2014-08-22 12:43 - 2014-08-22 12:45 - 00000000 ____D () C:\Users\Public\10F34257C92C4CB28669BE8F744057EF

2014-08-22 10:23 - 2014-08-22 10:24 - 00000000 ____D () C:\Users\Public\39203AE8A0DE4F819CFD816F114013DB

2014-08-22 10:23 - 2014-08-22 10:24 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\InetStat

2014-08-22 10:23 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat

2014-08-22 10:00 - 2014-04-19 17:34 - 00000426 _____ () C:\AVScanner.ini

2014-08-22 09:12 - 2014-08-29 15:01 - 00004040 _____ () C:\Windows\System32\Tasks\LaunchSignup

2014-08-22 09:11 - 2014-08-31 15:59 - 00000000 ____D () C:\Program Files (x86)\videos MediaPlay-Air

2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\globalUpdate

2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\globalUpdate

2014-08-22 09:10 - 2014-09-07 18:16 - 00000000 ____D () C:\Program Files (x86)\ver1Re-markit

2014-08-22 09:10 - 2014-08-22 12:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\VOPackage

2014-08-22 09:10 - 2014-08-22 12:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage

2014-08-22 09:10 - 2014-08-22 09:12 - 00062602 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistMSI61B3.txt

2014-08-22 09:10 - 2014-08-22 09:12 - 00012036 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistUI61B3.txt

2014-08-20 14:49 - 2014-08-20 14:49 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys

2014-08-20 14:49 - 2014-08-20 14:49 - 00000000 ____D () C:\Users\Manopost\AppData\Local\SlimWare Utilities Inc

2014-08-20 14:48 - 2014-08-20 14:48 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers

2014-08-20 14:45 - 2014-08-20 15:13 - 00000732 _____ () C:\Users\Manopost\AppData\Local\d3d9caps64.dat

2014-08-20 14:44 - 2014-08-20 14:44 - 00796720 _____ ( ) C:\Users\Manopost\Downloads\nero_setup.exe

2014-08-17 18:20 - 2014-08-17 18:45 - 00001653 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotostory 3 für Windows.lnk

2014-08-17 18:20 - 2014-08-17 18:20 - 00000000 ____D () C:\Program Files (x86)\Photo Story 3 for Windows

2014-08-17 18:18 - 2014-08-17 18:18 - 01101648 _____ () C:\Users\Manopost\Documents\Microsoft Photo Story - CHIP-Installer.exe

2014-08-17 13:33 - 2014-08-22 13:21 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo Video 1

2014-08-17 13:26 - 2014-08-22 14:59 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo 2

2014-08-17 11:21 - 2014-08-26 14:04 - 00000000 ____D () C:\Users\Manopost\Desktop\Meine Bilder

2014-08-17 08:49 - 2014-08-17 08:49 - 01058200 _____ (Adobe) C:\Users\Manopost\Downloads\install_flashplayer14x32au_mssa_awc_aih.exe

2014-08-17 08:36 - 2014-06-27 00:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-08-17 08:36 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2014-08-17 08:36 - 2014-06-27 00:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-08-17 08:36 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

2014-08-17 08:36 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2014-08-17 08:36 - 2014-06-27 00:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-08-17 08:36 - 2014-06-06 06:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-08-17 08:36 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-08-17 08:32 - 2014-08-17 08:32 - 00001757 _____ () C:\Users\Public\Desktop\Garmin Express.lnk

2014-08-17 08:32 - 2014-08-17 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

2014-08-17 00:05 - 2014-08-14 12:15 - 36898446 _____ () C:\Users\Manopost\Desktop\20140814_131447.mp4

2014-08-16 23:56 - 2014-08-20 19:35 - 00000000 ____D () C:\Users\Manopost\Desktop\Handy Tolo

2014-08-16 23:37 - 2014-06-14 02:56 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-08-16 23:37 - 2014-06-14 02:51 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2014-08-16 23:37 - 2014-06-02 23:30 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-08-16 23:37 - 2014-06-02 23:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-08-16 23:37 - 2014-06-02 23:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-08-16 23:37 - 2014-06-02 23:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2014-08-16 23:37 - 2014-06-02 22:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-08-16 23:37 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-08-16 23:37 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2014-08-16 23:37 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-08-16 23:36 - 2014-07-24 21:28 - 17861120 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-08-16 23:36 - 2014-07-24 21:12 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-08-16 23:36 - 2014-07-24 21:10 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-08-16 23:36 - 2014-07-24 21:07 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-08-16 23:36 - 2014-07-24 21:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-08-16 23:36 - 2014-07-24 21:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-08-16 23:36 - 2014-07-24 21:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-08-16 23:36 - 2014-07-24 21:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 02155520 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-08-16 23:36 - 2014-07-24 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-08-16 23:36 - 2014-07-24 21:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-08-16 23:36 - 2014-07-24 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-08-16 23:36 - 2014-07-24 21:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-08-16 23:36 - 2014-07-24 21:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-08-16 23:36 - 2014-07-24 21:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-08-16 23:36 - 2014-07-24 21:02 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-08-16 23:36 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-08-16 23:36 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-08-16 23:36 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-08-16 23:36 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-08-16 23:36 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-08-16 23:36 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-08-16 23:36 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-08-16 23:36 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-08-16 23:36 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-08-16 23:36 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-08-16 23:36 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-08-16 23:36 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-08-16 23:36 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-08-16 23:36 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-08-16 23:36 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-08-16 23:36 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-08-16 23:36 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-08-16 23:36 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-08-16 23:36 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-08-16 23:36 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-08-16 23:36 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-08-16 23:36 - 2014-07-08 03:12 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-08-16 23:36 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-08-16 23:06 - 2014-09-06 23:25 - 00000000 ____D () C:\Users\Manopost\Desktop\Kamera Tolo
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-09-08 12:14 - 2014-09-07 15:00 - 00000000 ____D () C:\FRST

2014-09-08 12:12 - 2010-11-02 18:19 - 01084488 _____ () C:\Windows\WindowsUpdate.log

2014-09-08 11:55 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-09-08 11:55 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-09-08 11:35 - 2012-07-19 18:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-09-08 11:00 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\TuneUp Software

2014-09-08 10:59 - 2014-09-07 16:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-08 09:55 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-09-08 09:54 - 2006-11-02 17:42 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-09-08 09:47 - 2014-09-08 09:47 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Adobe

2014-09-08 09:46 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\TuneUp Software

2014-09-08 09:46 - 2014-09-08 09:41 - 00000000 ____D () C:\Users\Ute\AppData\Local\VirtualStore

2014-09-08 09:45 - 2014-09-08 09:45 - 00000951 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\AOL

2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Local\AOL

2014-09-08 09:45 - 2014-09-08 09:44 - 00000941 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-09-08 09:44 - 2014-09-08 09:44 - 00000936 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-09-08 09:44 - 2014-09-08 09:42 - 00000917 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-09-08 09:44 - 2014-09-08 09:41 - 00000000 ____D () C:\Users\Ute

2014-09-08 09:41 - 2014-09-08 09:41 - 00000020 ___SH () C:\Users\Ute\ntuser.ini

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Vorlagen

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Startmenü

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Netzwerkumgebung

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Lokale Einstellungen

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Eigene Dateien

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Druckumgebung

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Musik

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Bilder

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Verlauf

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Anwendungsdaten

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Anwendungsdaten

2014-09-08 08:03 - 2014-09-08 08:03 - 00003631 _____ () C:\Users\Manopost\Downloads\FRST.txt

2014-09-08 08:03 - 2014-09-08 08:02 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64(1).exe

2014-09-08 07:52 - 2009-02-04 12:45 - 00000069 _____ () C:\Windows\NeroDigital.ini

2014-09-08 07:43 - 2014-09-08 07:43 - 01101648 _____ () C:\Users\Manopost\Downloads\HijackThis - CHIP-Installer.exe

2014-09-08 06:31 - 2013-09-17 15:45 - 00000425 _____ () C:\Windows\BRWMARK.INI

2014-09-07 21:28 - 2011-06-11 10:44 - 00003714 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7D2327BF-DAC5-43D7-8EB3-6EA0AF4A749D}

2014-09-07 19:19 - 2014-09-07 19:19 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64.exe

2014-09-07 18:29 - 2009-01-28 11:48 - 00000108 _____ () C:\Users\Manopost\AppData\Roaming\default.pls

2014-09-07 18:16 - 2014-08-22 09:10 - 00000000 ____D () C:\Program Files (x86)\ver1Re-markit

2014-09-07 16:25 - 2014-09-06 23:24 - 00000000 ____D () C:\Program Files (x86)\LPT

2014-09-07 16:19 - 2014-09-07 16:19 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-09-07 16:19 - 2014-09-07 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manopost\Downloads\mbam-setup-2.0.2.1012.exe

2014-09-07 11:08 - 2010-11-15 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-09-07 11:08 - 2010-11-15 00:52 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-09-07 10:24 - 2014-09-07 10:24 - 00388152 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-09-07 10:23 - 2014-09-07 10:23 - 00185186 _____ () C:\Windows\PFRO.log

2014-09-07 01:20 - 2014-08-25 17:43 - 00000000 ___RD () C:\Users\Manopost\Dropbox

2014-09-07 00:24 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\LPT

2014-09-07 00:16 - 2009-01-10 16:50 - 00000000 ____D () C:\Program Files (x86)\Google

2014-09-06 23:57 - 2014-09-06 23:16 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Gameo

2014-09-06 23:42 - 2014-09-06 23:41 - 00895120 _____ (Google Inc.) C:\Users\Manopost\Downloads\ChromeSetup.exe

2014-09-06 23:35 - 2013-12-03 13:32 - 00000000 ___RD () C:\Users\Manopost\Documents\Fugen-T-Poster

2014-09-06 23:34 - 2014-01-02 12:23 - 00000000 ____D () C:\Users\Manopost\Desktop\2014

2014-09-06 23:33 - 2014-01-02 15:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Bayrischer Wald

2014-09-06 23:32 - 2014-08-22 14:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Neuer Ordner

2014-09-06 23:27 - 2014-09-06 23:27 - 00000000 ____D () C:\Users\Manopost\Documents\PC Speed Maximizer

2014-09-06 23:27 - 2013-01-21 16:39 - 00000000 ____D () C:\Users\Manopost\Desktop\Bilder1

2014-09-06 23:26 - 2014-08-26 13:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Tablet

2014-09-06 23:25 - 2014-08-16 23:06 - 00000000 ____D () C:\Users\Manopost\Desktop\Kamera Tolo

2014-09-06 23:24 - 2014-09-06 23:24 - 00106712 _____ () C:\Users\Manopost\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-06 23:24 - 2014-09-06 23:24 - 00002379 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

2014-09-06 23:22 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Smartbar

2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\Desktop\Play Games Online.url

2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url

2014-09-06 23:16 - 2014-09-06 23:16 - 00000000 ___HD () C:\Users\Manopost\AppData\Roaming\GoldenGate

2014-09-06 22:51 - 2006-11-02 15:33 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-09-06 22:50 - 2009-01-07 16:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-09-06 22:50 - 2006-11-02 17:15 - 00000000 ____D () C:\Windows\WindowsMobile

2014-09-06 22:46 - 2014-08-25 17:39 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Dropbox

2014-09-06 22:41 - 2013-04-11 17:22 - 00000000 ____D () C:\Program Files\Google

2014-09-06 22:40 - 2013-09-17 15:40 - 00000000 ____D () C:\ProgramData\InstallShield

2014-09-06 22:39 - 2013-09-17 15:42 - 00000000 ____D () C:\Program Files (x86)\Brother

2014-09-06 21:50 - 2014-09-06 21:50 - 00602112 _____ (OldTimer Tools) C:\Users\Manopost\Desktop\OTL.exe

2014-09-06 16:12 - 2009-01-10 16:51 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Google

2014-09-06 16:11 - 2014-09-06 16:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Deployment

2014-09-06 16:11 - 2010-06-03 12:57 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Apps\2.0

2014-09-06 15:57 - 2009-01-10 16:51 - 00000000 ____D () C:\ProgramData\Google

2014-09-06 15:36 - 2011-06-13 13:08 - 00003292 _____ () C:\Windows\System32\Tasks\{4231AEF2-8460-496A-9460-D6D1F6493ADF}

2014-09-06 04:13 - 2014-09-06 23:27 - 00060056 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys

2014-09-02 16:07 - 2008-09-13 07:16 - 00699062 _____ () C:\Windows\system32\perfh007.dat

2014-09-02 16:07 - 2008-09-13 07:16 - 00156416 _____ () C:\Windows\system32\perfc007.dat

2014-09-02 16:07 - 2006-11-02 14:46 - 01638136 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-09-01 23:00 - 2014-09-01 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA ANTIVIRUS

2014-09-01 23:00 - 2014-04-12 12:28 - 00001794 _____ () C:\Users\Public\Desktop\G DATA ANTIVIRUS.lnk

2014-09-01 23:00 - 2009-10-03 14:49 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys

2014-09-01 23:00 - 2009-06-20 14:57 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys

2014-09-01 23:00 - 2009-06-20 14:56 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys

2014-08-31 23:00 - 2014-02-28 00:00 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys

2014-08-31 23:00 - 2009-07-28 16:34 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys

2014-08-31 22:03 - 2014-08-26 18:52 - 00000000 ___HD () C:\Users\Public\Temp

2014-08-31 15:59 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\videos MediaPlay-Air

2014-08-29 15:01 - 2014-08-22 09:12 - 00004040 _____ () C:\Windows\System32\Tasks\LaunchSignup

2014-08-29 15:01 - 2009-01-08 19:24 - 00003784 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm

2014-08-29 15:00 - 2014-04-06 16:26 - 00003558 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask

2014-08-27 10:03 - 2014-08-27 10:03 - 00000630 _____ () C:\Users\Manopost\Desktop\BLT14-15_209.exe - Verknüpfung.lnk

2014-08-27 09:52 - 2014-08-27 09:52 - 00724992 _____ (Maximilian Stangel) C:\Users\Manopost\Downloads\BLT14-15_209.exe

2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb

2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar

2014-08-27 07:33 - 2014-07-28 19:59 - 00000000 ____D () C:\Program Files (x86)\Browser 7 Maintenance Service

2014-08-26 18:50 - 2014-08-26 18:49 - 00000000 ____D () C:\Users\Public\29B3597AA0BC4491BC3F1A409CD7CF3F

2014-08-26 14:04 - 2014-08-17 11:21 - 00000000 ____D () C:\Users\Manopost\Desktop\Meine Bilder

2014-08-26 13:43 - 2009-01-09 17:08 - 00112128 _____ () C:\Users\Manopost\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-08-26 13:13 - 2014-08-26 13:13 - 00000000 ____D () C:\ProgramData\Telekom-Browser 7

2014-08-26 13:13 - 2014-07-28 19:59 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Deutsche Telekom AG

2014-08-26 07:51 - 2012-03-02 20:45 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search

2014-08-25 17:43 - 2009-01-07 16:52 - 00000000 ____D () C:\Users\Manopost

2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Program Files (x86)\Dropbox

2014-08-25 07:52 - 2014-08-25 07:52 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Adobe

2014-08-24 10:30 - 2012-07-19 18:26 - 00003736 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-08-24 10:30 - 2012-04-08 10:43 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-08-24 10:30 - 2011-05-14 09:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-08-23 03:05 - 2014-08-28 21:52 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-08-23 02:42 - 2014-08-28 21:52 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-08-23 01:38 - 2014-08-28 21:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-08-22 15:27 - 2014-08-22 15:27 - 00000000 ____D () C:\ProgramData\Xerox

2014-08-22 14:59 - 2014-08-17 13:26 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo 2

2014-08-22 13:21 - 2014-08-17 13:33 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo Video 1

2014-08-22 12:46 - 2014-08-22 09:10 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\VOPackage

2014-08-22 12:46 - 2014-08-22 09:10 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage

2014-08-22 12:45 - 2014-08-22 12:43 - 00000000 ____D () C:\Users\Public\10F34257C92C4CB28669BE8F744057EF

2014-08-22 10:24 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Public\39203AE8A0DE4F819CFD816F114013DB

2014-08-22 10:24 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\InetStat

2014-08-22 10:23 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat

2014-08-22 10:20 - 2009-01-28 10:44 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Ahead

2014-08-22 09:57 - 2009-02-02 23:48 - 00000000 __SHD () C:\found.000

2014-08-22 09:36 - 2012-12-16 14:45 - 00000111 _____ () C:\.dir

2014-08-22 09:32 - 2014-07-31 19:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-08-22 09:24 - 2014-01-03 19:18 - 00000008 __RSH () C:\Users\Manopost\ntuser.pol

2014-08-22 09:24 - 2009-11-23 14:04 - 00000008 __RSH () C:\ProgramData\ntuser.pol

2014-08-22 09:16 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy

2014-08-22 09:12 - 2014-08-22 09:10 - 00062602 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistMSI61B3.txt

2014-08-22 09:12 - 2014-08-22 09:10 - 00012036 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistUI61B3.txt

2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\globalUpdate

2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\globalUpdate

2014-08-20 19:35 - 2014-08-16 23:56 - 00000000 ____D () C:\Users\Manopost\Desktop\Handy Tolo

2014-08-20 19:28 - 2012-09-05 19:54 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

2014-08-20 17:31 - 2010-08-01 13:11 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Skype

2014-08-20 15:13 - 2014-08-20 14:45 - 00000732 _____ () C:\Users\Manopost\AppData\Local\d3d9caps64.dat

2014-08-20 14:49 - 2014-08-20 14:49 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys

2014-08-20 14:49 - 2014-08-20 14:49 - 00000000 ____D () C:\Users\Manopost\AppData\Local\SlimWare Utilities Inc

2014-08-20 14:48 - 2014-08-20 14:48 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers

2014-08-20 14:44 - 2014-08-20 14:44 - 00796720 _____ ( ) C:\Users\Manopost\Downloads\nero_setup.exe

2014-08-17 18:45 - 2014-08-17 18:20 - 00001653 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotostory 3 für Windows.lnk

2014-08-17 18:20 - 2014-08-17 18:20 - 00000000 ____D () C:\Program Files (x86)\Photo Story 3 for Windows

2014-08-17 18:18 - 2014-08-17 18:18 - 01101648 _____ () C:\Users\Manopost\Documents\Microsoft Photo Story - CHIP-Installer.exe

2014-08-17 11:36 - 2013-07-04 09:21 - 00000855 _____ () C:\Users\Manopost\Desktop\Bluetooth-Informationsaustausch.lnk

2014-08-17 09:51 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache

2014-08-17 08:49 - 2014-08-17 08:49 - 01058200 _____ (Adobe) C:\Users\Manopost\Downloads\install_flashplayer14x32au_mssa_awc_aih.exe

2014-08-17 08:48 - 2013-08-15 20:56 - 00000000 ____D () C:\Windows\system32\MRT

2014-08-17 08:44 - 2006-11-02 14:35 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-08-17 08:33 - 2014-02-19 16:41 - 00000000 ____D () C:\ProgramData\Package Cache

2014-08-17 08:32 - 2014-08-17 08:32 - 00001757 _____ () C:\Users\Public\Desktop\Garmin Express.lnk

2014-08-17 08:32 - 2014-08-17 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

2014-08-17 08:32 - 2014-02-19 16:42 - 00000000 ____D () C:\ProgramData\Garmin

2014-08-17 08:32 - 2014-02-19 16:41 - 00000000 ____D () C:\Program Files (x86)\Garmin

2014-08-14 12:15 - 2014-08-17 00:05 - 36898446 _____ () C:\Users\Manopost\Desktop\20140814_131447.mp4
 

Files to move or delete:

====================

C:\Users\Manopost\DivXInstaller7.exe

C:\Users\Manopost\googleupdatesetup.exe

C:\Users\Manopost\Nero-8.3.13.0_all_update.exe

C:\Users\Manopost\pcfresh.exe

C:\Users\Manopost\PowerPointViewer.exe
 
 

Some content of TEMP:

====================

C:\Users\Manopost\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphpm47v.dll

C:\Users\Manopost\AppData\Local\Temp\ICReinstall_google-chrome_setup (1).exe

C:\Users\Manopost\AppData\Local\Temp\_isA52C.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-09-08 10:11
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01

Ran by Ute at 2014-09-08 12:15:59

Running from C:\Users\Ute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1IGUS3K

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: G DATA ANTIVIRUS (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}

AS: G DATA ANTIVIRUS (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)

64 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden

ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)

ABBYY PDF Transformer 3.0 (Version: 3.00.317.68010 - ABBYY) Hidden

Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)

Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)

AGEIA PhysX v7.01.12 (HKLM-x32\...\{E2BE1618-AF5F-4F7D-8484-42E080EDF609}) (Version: 7.01.12 - AGEIA Technologies, Inc.)

ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden

AOL Deinstallation (HKLM-x32\...\AOL Deinstallation) (Version:  - )

AOL Deutschland Toolbar (HKLM-x32\...\AOL Deutschland Toolbar) (Version:  - )

Apple Application Support (HKLM-x32\...\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}) (Version: 1.1.0 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ATI Catalyst Install Manager (HKLM\...\{9EA8213A-9080-C41F-2F85-8FF98374AB9F}) (Version: 3.0.678.0 - ATI Technologies, Inc.)

AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)

AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)

AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)

AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)

Big Fish Games Client (HKLM-x32\...\BFGC) (Version: 1.4.0.11 - )

Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)

Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.05 - TOSHIBA CORPORATION)

Browser 7 der Telekom 31.0.19 (x86 de) (HKLM-x32\...\Browser 7 der Telekom 31.0.19 (x86 de)) (Version: 31.0.19 - Deutsche Telekom AG)

Browser 7 Maintenance Service (HKLM-x32\...\Browser7MaintenanceService) (Version: 29.0.40 - Deutsche Telekom AG)

BufferChm (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden

Catalyst Control Center Core Implementation (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Graphics Full Existing (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Graphics Full New (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Graphics Light (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Graphics Previews Vista (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2008.0514.2139.36863 - ATI Technologies, Inc.) Hidden

Catalyst Control Center Localization Chinese Standard (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Chinese Traditional (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Czech (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Danish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Dutch (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Finnish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization French (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization German (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Greek (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Hungarian (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Italian (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Japanese (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Korean (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Norwegian (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Polish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Portuguese (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Russian (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Spanish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Swedish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Thai (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Catalyst Control Center Localization Turkish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

CCC Help Chinese Standard (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Chinese Traditional (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Czech (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Danish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Dutch (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help English (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Finnish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help French (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help German (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Greek (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Hungarian (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Italian (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Japanese (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Korean (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Norwegian (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Polish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Portuguese (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Russian (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Spanish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Swedish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Thai (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

CCC Help Turkish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden

ccc-core-static (x32 Version: 2008.0514.2139.36863 - Ihr Firmenname) Hidden

ccc-utility64 (Version: 2008.0514.2139.36863 - ATI) Hidden

Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)

Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Copy (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden

CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

Destination Component (x32 Version: 090.000.091.086 - Hewlett-Packard) Hidden

DeviceDiscovery (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden

DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)

DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)

DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.8 - DivX, LLC)

Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - AOL Inc.) <==== ATTENTION

Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden

Favorit (HKLM-x32\...\koega) (Version:  - )

Fax (x32 Version: 120.0.194.000 - Hewlett-Packard) Hidden

Fotostory 3 für Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation)

G DATA ANTIVIRUS (HKLM-x32\...\{B9FC0A7D-FA1D-4347-ABED-AD8AD5305633}) (Version: 25.0.2.1 - G DATA Software AG)

Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)

Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden

Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden

GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)

Hewlett-Packard Active Check for Health Check (x32 Version: 1.1.15.2 - Hewlett-Packard) Hidden

Hewlett-Packard Asset Agent for Health Check (x32 Version: 2.0.63.2 - HP) Hidden

HP Active Support Library (x32 Version: 3.1.6.1 - Hewlett-Packard) Hidden

HP Customer Experience Enhancements (HKLM-x32\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)

HP Customer Feedback (x32 Version: 1.0.0 - Hewlett-Packard) Hidden

HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)

HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)

HP Picasso Media Center Add-In (x32 Version: 1.0.0 - HP) Hidden

HP Recovery Manager RSS (x32 Version: 84.0.0.7 - Hewlet Packard Company) Hidden

HP Update (HKLM-x32\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)

HP_Network_UserGuide (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

HPSSupply (HKLM-x32\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Ihr Firmenname)

Java Auto Updater (x32 Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden

Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)

Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)

Java(TM) SE Runtime Environment 6 Update 1 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)

Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden

king.com (remove only) (HKLM-x32\...\king.com) (Version:  - Midasplayer Ltd (king.com))

LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)

LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Marco Polo Mobile Navigator 2 (HKLM-x32\...\{5F65ECEE-EB1D-4C85-8D8C-9C7CE2DBB1D6}) (Version:  - )

MarketResearch (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden

Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden

Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)

Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)

Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)

MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)

Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

Mozilla Thunderbird 24.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)

MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)

Nero 8 (HKLM-x32\...\{1CA7ACD6-B21B-4240-AA05-4FC55F6E1031}) (Version: 8.3.465 - Nero AG)

neroxml (x32 Version: 1.0.0 - Nero AG) Hidden

NewFreeScreensaver nfsHDWaterfall03 (HKLM-x32\...\nfsHDWaterfall03 New Free Screensaver_is1) (Version:  - )

Nokia Connectivity Cable Driver (HKLM-x32\...\{25CFEF55-A945-41FC-86ED-76469F31DF37}) (Version: 7.1.41.0 - Nokia)

Nokia Music Player (HKLM-x32\...\{4FCB1267-7380-4EBA-9A6C-69809C6E8227}) (Version: 2.5.11021 - Nokia Music Player)

Nokia_Multimedia_Common_Components_2_5 (HKLM-x32\...\{25F61E72-AAA4-4607-95D2-1E5139C98FFB}) (Version: 2.7.69 - Nokia)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

Optimierte Multimedia-Tastatur-Lösung (HKLM-x32\...\KBD) (Version:  - Hewlett-Packard)

PanoStandAlone (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden

PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)

PC Connectivity Solution (HKLM-x32\...\{4B28C077-9958-45F1-8BB4-CBF90A69AD4E}) (Version: 11.4.15.0 - Nokia)

PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )

PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2926 - CyberLink Corp.)

PowerDirector (x32 Version: 6.5.2926 - CyberLink Corp.) Hidden

Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden

Python 2.5.2 (HKLM-x32\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5657 - Realtek Semiconductor Corp.)

RTC Client API v1.2 (HKLM-x32\...\{44CDBD1B-89FB-4E02-8319-2A4C550F664A}) (Version: 1.2.0000 - Microsoft)

Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden

SafeFinder Smartbar (HKLM-x32\...\{1898B668-CCF5-429F-A86F-9837E5439D77}) (Version: 11.114.72.19232 - Linkury Ltd.) <==== ATTENTION

Skins (x32 Version: 2008.0514.2139.36863 - ATI) Hidden

Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

Sony USB Driver (HKLM-x32\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: 2.00 - Sony Corporation)

Spielefieber Patiencen für Vista    (HKLM-x32\...\Spielefieber Patiencen für Vista) (Version:   - KlickMedia)

Status (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Top Ten Solitaire (HKLM-x32\...\{51790747-4141-2516-5286-723025870322}) (Version: 1.0 - Bluefish Games)

TrayApp (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden

TuneUp Utilities 2009 (HKLM-x32\...\{55A29068-F2CE-456C-9148-C869879E2357}) (Version: 8.0.3310.3 - TuneUp Software)

TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden

TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)

TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden

TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.171 - TuneUp Software) Hidden

UnloadSupport (x32 Version: 9.0.0 - Hewlett-Packard) Hidden

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden

Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version:  - )

VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version:  - )

WDR RadioRecorder (HKLM-x32\...\Tobit Radio.fx Server 1) (Version:  - Tobit.Software)

Windows 7 Upgrade Advisor (HKLM-x32\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)

Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden

Windows Live Communications Platform (x32 Version: 14.0.8098.930 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden

Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)

Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden

Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)

Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)

Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

Wondershare MobileTrans ( Version 4.2.0 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 4.2.0 - Wondershare)

Xvid 1.1.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))

Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )

Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 

==================== Restore Points  =========================
 
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

::1             localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)

Task: {279F157C-71B0-48BD-869F-5517150C523D} - System32\Tasks\HP Health Check Scheduler => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)

Task: {28D5FA8E-3458-4145-A83A-4C217971EE93} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-03-11] (Hewlett-Packard Co.)

Task: {36094E77-3C21-421B-8EAB-76A357083F9B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-24] (Adobe Systems Incorporated)

Task: {376BB1C6-EE4E-4BEC-B4FE-84F31A30F5B1} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)

Task: {468EF5B9-5FB1-4743-B57F-2607EADD3A6C} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)

Task: {4C1210EF-7F37-4352-A913-6973F45DEBA2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {4F0D940C-AD4F-4AE6-AF83-44F78476290D} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe

Task: {50B63E3C-8429-4B61-9671-2F1989927645} - System32\Tasks\Automatische Wartung => C:\Program Files (x86)\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16] (TuneUp Software GmbH)

Task: {5EE7DBA1-E02B-449D-A55F-76653BBFC245} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)

Task: {5F5E9998-8B9C-481E-94C4-CA2EB746A438} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18] (Sun Microsystems, Inc.)

Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {83D434E6-D58F-4458-8579-F63D1022BFEF} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION

Task: {A4B635A8-CB6E-4CC9-A4C2-ED29C5B288AD} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()

Task: {ADFA917F-CC05-4250-BF79-23261ED49A92} - System32\Tasks\Desktop Messenger => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

Task: {B000A09E-317B-407D-BA22-B7FEDB6F3186} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)

Task: {CDBEB6A4-BC55-4040-88D6-844C74525DBE} - System32\Tasks\{4231AEF2-8460-496A-9460-D6D1F6493ADF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.3.0.116/de/abandoninstall?source=lightinstaller&amp;page=tsDownload&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;ienotdefaultbrowser2

Task: {E6C229EB-FEFD-4A53-A5C9-7AE2CDBC5A82} - System32\Tasks\RecoveryCD => C:\Program Files (x86)\Hewlett-Packard\SDP\RemEngine.exe [2008-06-12] ()

Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-08-27 18:43 - 2014-08-27 18:43 - 00032768 _____ () C:\Program Files (x86)\LPT\srpts.exe

2014-08-27 18:43 - 2014-08-27 18:52 - 00034816 _____ () C:\Program Files (x86)\LPT\srptsl.exe

2011-01-22 19:58 - 2011-11-18 15:51 - 03673944 _____ () J:\Tobit Radio.fx\Server\rfx-server.exe

2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll

2014-08-20 19:29 - 2014-08-20 19:28 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe

2014-05-20 03:38 - 2014-05-20 03:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll

2008-09-12 21:49 - 2008-05-15 00:04 - 00116736 _____ () C:\Windows\system32\atitmm64.dll

2014-08-27 18:43 - 2014-08-27 18:52 - 00023040 _____ () C:\Program Files (x86)\LPT\srptm.exe

2014-08-27 18:43 - 2014-08-27 18:52 - 00042496 _____ () C:\Program Files (x86)\LPT\srptc.dll

2014-08-27 18:42 - 2014-08-27 18:50 - 00018944 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll

2014-08-27 18:43 - 2014-08-27 18:52 - 00070144 _____ () C:\Program Files (x86)\LPT\srut.dll

2014-08-20 19:29 - 2014-08-20 19:28 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll

2004-01-09 22:02 - 2004-01-09 22:02 - 00045056 _____ () C:\Program Files (x86)\AOL 9.0 VR\zlib.dll

2002-04-22 23:08 - 2002-04-22 23:08 - 00053248 _____ () C:\Program Files (x86)\AOL 9.0 VR\xmlparse.dll

2002-04-22 23:08 - 2002-04-22 23:08 - 00081920 _____ () C:\Program Files (x86)\AOL 9.0 VR\xmltok.dll

2007-05-24 10:01 - 2007-05-24 10:01 - 00090112 _____ () C:\Program Files (x86)\AOL 9.0 VR\Components\Tier2Svc.dll

2007-05-24 10:01 - 2007-05-24 10:01 - 00061440 _____ () C:\Program Files (x86)\AOL 9.0 VR\Components\DataSvcs.dll

2009-01-07 17:42 - 2007-05-24 04:49 - 00131072 _____ () c:\program files (x86)\common files\aol\1231342872\ee\services\proxyprovider\ver1_0_0_1\proxyprovider.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Users\Manopost:zylomtest

AlternateDataStreams: C:\Users\Manopost:zylomtr{000HQ7FF-AD7A-3FG7-DNQC-2227NIQAQVVE}

AlternateDataStreams: C:\Users\Manopost:zylomtr{000HQ7FF-AD7A-3FG7-FCUD-28A45N46SVT9}

AlternateDataStreams: C:\ProgramData\TEMP:2B1EA607

AlternateDataStreams: C:\ProgramData\TEMP:8AD1F2E0

AlternateDataStreams: C:\ProgramData\TEMP:957E9765

AlternateDataStreams: C:\ProgramData\TEMP:BD36345D

AlternateDataStreams: C:\ProgramData\TEMP:F0D7EE30
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\startupreg: KBD => C:\HP\KBD\KbdStub.EXE                                                                                                                                                                                                                                                    

MSCONFIG\startupreg: Wondershare Helper Compact.exe => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"                                                                                                                                                                                

MSCONFIG\startupreg: WSHelperSetup.exe => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"                                                                                                                                                                                
 

==================== Faulty Device Manager Devices =============
 

Name: isatap.{A615081A-DB1C-42C8-8B6A-0E4FEC46738B}

Description: Microsoft-ISATAP-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 

Name: isatap.{1AFC8298-E6C4-448F-A08D-F0585C2E35D5}

Description: Microsoft-ISATAP-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (09/08/2014 00:16:02 PM) (Source: VSS) (EventID: 12292) (User: )

Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.
 
 

Vorgang:

   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen

   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen

   Schattenkopien abfragen
 

Kontext:

   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}

   Snapshotkontext: 13

   Snapshotkontext: 13

   Ausführungskontext: Coordinator
 

Error: (09/08/2014 00:16:02 PM) (Source: VSS) (EventID: 40) (User: )

Description: Volumeschattenkopie-Dienst-Fehler: Der Dienst "Microsoft-Softwareschattenkopie-Anbieter" 

(SWPRV) ist deaktiviert. Aktivieren Sie den Dienst, und wiederholen Sie den Vorgang.
 
 

Vorgang:

   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen

   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen

   Schattenkopien abfragen
 

Kontext:

   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}

   Snapshotkontext: 13

   Snapshotkontext: 13

   Ausführungskontext: Coordinator
 

Error: (09/08/2014 00:12:38 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Installed Microsoft Fix it 50212; Hr = 0x8004230f).
 

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 12292) (User: )

Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.
 
 

Vorgang:

   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen

   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen

   Schattenkopien löschen
 

Kontext:

   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}

   Snapshotkontext: 0

   Snapshotkontext: 0

   Ausführungskontext: Coordinator
 

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 40) (User: )

Description: Volumeschattenkopie-Dienst-Fehler: Der Dienst "Microsoft-Softwareschattenkopie-Anbieter" 

(SWPRV) ist deaktiviert. Aktivieren Sie den Dienst, und wiederholen Sie den Vorgang.
 
 

Vorgang:

   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen

   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen

   Schattenkopien löschen
 

Kontext:

   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}

   Snapshotkontext: 0

   Snapshotkontext: 0

   Ausführungskontext: Coordinator
 

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 12292) (User: )

Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.
 
 

Vorgang:

   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen

   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen

   Schattenkopien abfragen

   Schattenkopien löschen
 

Kontext:

   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}

   Snapshotkontext: 0

   Snapshotkontext: 0

   Ausführungskontext: Coordinator

   Ausführungskontext: Coordinator
 

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 40) (User: )

Description: Volumeschattenkopie-Dienst-Fehler: Der Dienst "Microsoft-Softwareschattenkopie-Anbieter" 

(SWPRV) ist deaktiviert. Aktivieren Sie den Dienst, und wiederholen Sie den Vorgang.
 
 

Vorgang:

   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen

   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen

   Schattenkopien abfragen

   Schattenkopien löschen
 

Kontext:

   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}

   Snapshotkontext: 0

   Snapshotkontext: 0

   Ausführungskontext: Coordinator

   Ausführungskontext: Coordinator
 

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 12292) (User: )

Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.
 
 

Vorgang:

   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen

   Überprüfen, ob das Volume vom Anbieter unterstützt wird

   Volume einem Schattenkopiesatz hinzufügen
 

Kontext:

   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

   Klassen-ID: {00000000-0000-0000-0000-000000000000}

   Snapshotkontext: 4194317

   Ausführungskontext: Coordinator

   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

   Volumename: \\?\Volume{cc3cf33a-b60c-11dd-934c-806e6f6e6963}\

   Ausführungskontext: Coordinator
 

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 40) (User: )

Description: Volumeschattenkopie-Dienst-Fehler: Der Dienst "Microsoft-Softwareschattenkopie-Anbieter" 

(SWPRV) ist deaktiviert. Aktivieren Sie den Dienst, und wiederholen Sie den Vorgang.
 
 

Vorgang:

   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen

   Überprüfen, ob das Volume vom Anbieter unterstützt wird

   Volume einem Schattenkopiesatz hinzufügen
 

Kontext:

   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

   Klassen-ID: {00000000-0000-0000-0000-000000000000}

   Snapshotkontext: 4194317

   Ausführungskontext: Coordinator

   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

   Volumename: \\?\Volume{cc3cf33a-b60c-11dd-934c-806e6f6e6963}\

   Ausführungskontext: Coordinator
 

Error: (09/08/2014 00:12:30 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Installed Microsoft Fix it 50212; Hr = 0x8004230f).
 
 

System errors:

=============

Error: (09/08/2014 09:58:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: HP CUE DeviceDiscovery Service%%2147500037
 

Error: (09/08/2014 09:57:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt
 

Error: (09/08/2014 09:57:15 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: HP CUE DeviceDiscovery Service
 

Error: (09/08/2014 09:57:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Windows-BilderfassungShellhardwareerkennung%%1058
 

Error: (09/08/2014 09:57:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: scores%%2
 

Error: (09/08/2014 09:43:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: HP CUE DeviceDiscovery Service%%2147500037
 

Error: (09/08/2014 09:43:10 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt
 

Error: (09/08/2014 09:42:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: HP CUE DeviceDiscovery Service
 

Error: (09/08/2014 09:42:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Windows-BilderfassungShellhardwareerkennung%%1058
 

Error: (09/08/2014 09:42:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: scores%%2
 
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2014-09-08 12:15:49.418

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-09-08 12:15:48.685

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-09-08 12:15:47.920

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-09-08 12:15:47.125

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-09-08 12:15:46.220

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-09-08 12:15:45.440

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-09-08 12:15:44.660

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-09-08 12:15:43.864

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-09-08 12:15:11.098

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-09-08 12:15:10.318

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Processor: AMD Phenom(tm) 9650 Quad-Core Processor

Percentage of memory in use: 58%

Total physical RAM: 4093.58 MB

Available physical RAM: 1704.81 MB

Total Pagefile: 8387.68 MB

Available Pagefile: 5739.36 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: (HP) (Fixed) (Total:582.63 GB) (Free:326.83 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.54 GB) (Free:1.86 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive j: (HP Pocket Media Drive) (Fixed) (Total:149.04 GB) (Free:126.5 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)

Partition 1: (Active) - (Size=582.6 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)
 

========================================================

Disk: 5 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 2BD35C77)

Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended)
 

==================== End Of Log ============================

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01

Ran by Ute (administrator) on MANOPOST-PC on 08-09-2014 12:14:52

Running from C:\Users\Ute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1IGUS3K

Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 9

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe

(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe

(AOL LLC) C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe

(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe

(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

() C:\Program Files (x86)\LPT\srpts.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

() C:\Program Files (x86)\LPT\srptsl.exe

() J:\Tobit Radio.fx\Server\rfx-server.exe

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe

(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe

() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKBap64.exe

(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(AOL, LLC.) C:\Program Files (x86)\AOL 9.0 VR\waol.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe

(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe

(America Online, Inc.) C:\Program Files (x86)\Common Files\aol\1231342872\ee\aolsoftware.exe

(AOL, LLC.) C:\Program Files (x86)\AOL 9.0 VR\shellmon.exe

(TuneUp Software) C:\Windows\System32\TuneUpDefragService.exe

() C:\Program Files (x86)\LPT\srptm.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe

(America Online Inc) C:\Program Files (x86)\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe

(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

(Microsoft Corporation) C:\Windows\System32\msiexec.exe

(Farbar) C:\Users\Ute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1IGUS3K\FRST64[1].exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)

HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe

HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)

HKU\.DEFAULT\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 

HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 

HKU\S-1-5-21-243317379-2889874547-3061927781-1001\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL 9.0 VR\AOL.EXE [50480 2007-06-21] (AOL, LLC.)

AppInit_DLLs: C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil64.dll File Not Found

AppInit_DLLs-x32: C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil.dll => "C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil.dll" File Not Found

IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\bip_camera1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\browser7.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\btassist1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\coverdes.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\discspeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\drivespeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\eccenter1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\express.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\frontpg.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\infotool.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\lifecam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\mobiletrans.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\mypc backup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\nero.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\neroburnrights.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\nerohome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\neromediahome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\nerorescueagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\neroscoutoptions.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\nerovision.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\osa.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\photosnap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\photosnapviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\pptview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\recode.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\setupx.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\showtime.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\soundtrax.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\tosbtmng.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\tosbtproc1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\usrguide.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\waveedit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\wirelessftp1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\wlangui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

IFEO\zune.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/cpm-redir/ie-9.html

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-9.html

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.t-online.de/cpm-redir/ie-9.html

hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-9.html

hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1408538863&from=cor&uid=395049983_1052451_7047A004

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1408538863&from=cor&uid=395049983_1052451_7047A004

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

URLSearchHook: HKLM-x32 - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} -  No File

URLSearchHook: HKLM-x32 - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)

URLSearchHook: HKLM-x32 - (No Name) - {b106b661-3e1b-4015-af5c-195e909f35c6} - No File

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}

SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}

SearchScopes: HKLM - {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933

SearchScopes: HKLM - {F137222E-6DE9-44E9-8EF2-CC5A8D3833BB} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de

SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpXhO1w6Yb0c1W9-FhgkQWK4Ehfdcz3I3UPArKQFSZNlsdq5hyma9cy00L27XTCH8NP7vFjk0yFgGduK9dBuoGkYUY0-22LRv-4czOZ-p-bZAf0CeOHjuDAscDUZ6_hKRoRcEYt0oaxLZu2rTwuPYGxxcvT1FlCb8enA,,&q={searchTerms}

SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpXhO1w6Yb0c1W9-FhgkQWK4Ehfdcz3I3UPArKQFSZNlsdq5hyma9cy00L27XTCH8NP7vFjk0yFgGduK9dBuoGkYUY0-22LRv-4czOZ-p-bZAf0CeOHjuDAscDUZ6_hKRoRcEYt0oaxLZu2rTwuPYGxxcvT1FlCb8enA,,&q={searchTerms}

SearchScopes: HKLM-x32 - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=tb50-ie-aolde-chromesbox-de-de

SearchScopes: HKLM-x32 - {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933

SearchScopes: HKCU - DefaultScope {83CB6700-9424-4FE4-B1F4-F9BC555167F3} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi

SearchScopes: HKCU - {6C7BD9C4-A466-46C4-82C4-CC66701D1395} URL = hxxp://rover.ebay.com/rover/1/707-1403-276402/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={sear chTerms}

SearchScopes: HKCU - {83CB6700-9424-4FE4-B1F4-F9BC555167F3} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi

SearchScopes: HKCU - {E6396811-2413-44EC-A69B-A788B0E124FC} URL = hxxp://suche.t-online.de/fastcgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&d ia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wikitab_internet_std&q={searchTerms}&br=ie7-toi

SearchScopes: HKCU - {F048D832-4CD6-4A55-AAC4-45E3EE19F9B4} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag= interactivemesuche21&index=blended&linkCode=ur2&camp=1638&creative=6742

BHO: SafeFinder SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: AOL Deutschland Toolbar Loader -> {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} -> C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)

BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)

BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM - SafeFinder Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)

Toolbar: HKLM-x32 - AOL Deutschland Toolbar - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)

Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)

DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: HKLM-x32 {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab

DPF: HKLM-x32 {477E2667-7E7A-4737-BFF5-121D68EF7816} hxxp://musikdownloads.aol.de/imcdms-static/code/AOL%20Download%20Assistent.ocx

DPF: HKLM-x32 {74E4A24D-5224-4F05-8A41-99445E0FC22B} hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab

DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)

Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ No File

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)

FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File

FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @funwebproducts.com/Plugin -> C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFunWeb.dll No File

FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)

FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-21]

FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799

FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-26]

FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-07]

FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Manopost\AppData\Roaming\Mozilla\Firefox\Profiles\rjmb4qdq.default\extensions\faststartff@gmail.com

FF Extension: Fast Start - C:\Users\Manopost\AppData\Roaming\Mozilla\Firefox\Profiles\rjmb4qdq.default\extensions\faststartff@gmail.com [2014-08-20]
 

Chrome: 

=======

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]

CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-05-01]

CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S4 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-07-30] (G Data Software AG)

R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)

R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [356352 2006-12-28] (AVM Berlin) [File not signed]

S4 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2009-01-28] (BOONTY) [File not signed]

S4 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [112128 2014-08-26] (Deutsche Telekom AG) [File not signed]

R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]

S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)

R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)

S3 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed]

R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-10-16] (Hewlett-Packard Co.) [File not signed]

S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]

R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32768 2014-08-27] ()

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]

S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)

S4 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]

R2 Radio.fx; J:\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()

S4 ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [File not signed]

R3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [506696 2010-02-27] (TuneUp Software)

S3 TuneUp.ProgramStatisticsSvc; C:\Windows\System32\TUProgSt.exe [842056 2010-02-27] (TuneUp Software)

R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)

R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-20] (AVG Secure Search)

S2 scores; C:\Windows\score.exe [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)

S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)

S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [103936 2013-04-23] (LG Electronics Inc.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2010-07-22] ()

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-20] (AVG Technologies)

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2006-12-28] (AVM Berlin)

S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [34704 2010-02-05] (CSR, plc)

R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2006-12-28] (AVM GmbH)

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-09-01] (G Data Software AG)

R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-06] (G Data Software AG)

R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-09-01] (G Data Software AG)

R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-06] (G Data Software AG)

R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-09-01] (G Data Software AG)

R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-08-31] (G Data Software)

R3 HCW3x64; C:\Windows\System32\DRIVERS\HCW3x64.sys [1087872 2007-03-26] (Hauppauge Computer Works inc.)

R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-06] (G Data Software AG)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2010-07-22] ()

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-08] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)

S4 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [166944 2008-06-06] (NVIDIA Corporation)

S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1368960 2006-09-30] (Philips Semiconductors GmbH)

S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()

S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-08-20] ()

R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)

R1 {5eeb83d0-96ea-4249-942c-beead6847053}Gt64; C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys [60056 2014-09-06] (StdLib)

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-09-08 09:47 - 2014-09-08 09:47 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Adobe

2014-09-08 09:46 - 2014-09-08 11:00 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\TuneUp Software

2014-09-08 09:46 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\TuneUp Software

2014-09-08 09:45 - 2014-09-08 09:45 - 00000951 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\AOL

2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Local\AOL

2014-09-08 09:44 - 2014-09-08 09:45 - 00000941 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-09-08 09:44 - 2014-09-08 09:44 - 00000936 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-09-08 09:42 - 2014-09-08 09:44 - 00000917 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-09-08 09:41 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\VirtualStore

2014-09-08 09:41 - 2014-09-08 09:44 - 00000000 ____D () C:\Users\Ute

2014-09-08 09:41 - 2014-09-08 09:41 - 00000020 ___SH () C:\Users\Ute\ntuser.ini

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Vorlagen

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Startmenü

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Netzwerkumgebung

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Lokale Einstellungen

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Eigene Dateien

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Druckumgebung

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Musik

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Bilder

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Verlauf

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Anwendungsdaten

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Anwendungsdaten

2014-09-08 09:41 - 2014-04-09 17:34 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Garmin

2014-09-08 09:41 - 2011-11-18 04:55 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Macromedia

2014-09-08 09:41 - 2010-11-16 00:09 - 00000000 ____D () C:\Users\Ute\AppData\Local\Microsoft Help

2014-09-08 09:41 - 2008-01-21 05:20 - 00000000 ___RD () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-09-08 09:41 - 2008-01-21 05:20 - 00000000 ___RD () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-09-08 08:03 - 2014-09-08 08:03 - 00003631 _____ () C:\Users\Manopost\Downloads\FRST.txt

2014-09-08 08:02 - 2014-09-08 08:03 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64(1).exe

2014-09-08 07:44 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll

2014-09-08 07:44 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll

2014-09-08 07:43 - 2014-09-08 07:43 - 01101648 _____ () C:\Users\Manopost\Downloads\HijackThis - CHIP-Installer.exe

2014-09-07 19:19 - 2014-09-07 19:19 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64.exe

2014-09-07 16:20 - 2014-09-08 10:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-07 16:19 - 2014-09-07 16:19 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-09-07 16:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-09-07 16:19 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-09-07 16:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-09-07 16:18 - 2014-09-07 16:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manopost\Downloads\mbam-setup-2.0.2.1012.exe

2014-09-07 15:00 - 2014-09-08 12:14 - 00000000 ____D () C:\FRST

2014-09-07 10:24 - 2014-09-07 10:24 - 00388152 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-09-07 10:23 - 2014-09-07 10:23 - 00185186 _____ () C:\Windows\PFRO.log

2014-09-06 23:41 - 2014-09-06 23:42 - 00895120 _____ (Google Inc.) C:\Users\Manopost\Downloads\ChromeSetup.exe

2014-09-06 23:27 - 2014-09-06 23:27 - 00000000 ____D () C:\Users\Manopost\Documents\PC Speed Maximizer

2014-09-06 23:27 - 2014-09-06 04:13 - 00060056 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys

2014-09-06 23:24 - 2014-09-07 16:25 - 00000000 ____D () C:\Program Files (x86)\LPT

2014-09-06 23:24 - 2014-09-06 23:24 - 00106712 _____ () C:\Users\Manopost\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-06 23:24 - 2014-09-06 23:24 - 00002379 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

2014-09-06 23:22 - 2014-09-07 00:24 - 00000000 ____D () C:\Users\Manopost\AppData\Local\LPT

2014-09-06 23:22 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Smartbar

2014-09-06 23:16 - 2014-09-06 23:57 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Gameo

2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\Desktop\Play Games Online.url

2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url

2014-09-06 23:16 - 2014-09-06 23:16 - 00000000 ___HD () C:\Users\Manopost\AppData\Roaming\GoldenGate

2014-09-06 21:50 - 2014-09-06 21:50 - 00602112 _____ (OldTimer Tools) C:\Users\Manopost\Desktop\OTL.exe

2014-09-06 16:11 - 2014-09-06 16:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Deployment

2014-09-01 23:00 - 2014-09-01 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA ANTIVIRUS

2014-08-28 21:52 - 2014-08-23 03:05 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-08-28 21:52 - 2014-08-23 02:42 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-08-28 21:52 - 2014-08-23 01:38 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-08-27 10:03 - 2014-08-27 10:03 - 00000630 _____ () C:\Users\Manopost\Desktop\BLT14-15_209.exe - Verknüpfung.lnk

2014-08-27 09:52 - 2014-08-27 09:52 - 00724992 _____ (Maximilian Stangel) C:\Users\Manopost\Downloads\BLT14-15_209.exe

2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb

2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar

2014-08-26 18:52 - 2014-08-31 22:03 - 00000000 ___HD () C:\Users\Public\Temp

2014-08-26 18:49 - 2014-08-26 18:50 - 00000000 ____D () C:\Users\Public\29B3597AA0BC4491BC3F1A409CD7CF3F

2014-08-26 14:15 - 2013-12-27 16:17 - 37650432 _____ () C:\Users\Manopost\Desktop\M2U00050.MPG

2014-08-26 13:28 - 2014-09-06 23:26 - 00000000 ____D () C:\Users\Manopost\Desktop\Tablet

2014-08-26 13:13 - 2014-08-26 13:13 - 00000000 ____D () C:\ProgramData\Telekom-Browser 7

2014-08-25 17:43 - 2014-09-07 01:20 - 00000000 ___RD () C:\Users\Manopost\Dropbox

2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Program Files (x86)\Dropbox

2014-08-25 17:39 - 2014-09-06 22:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Dropbox

2014-08-25 07:52 - 2014-08-25 07:52 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Adobe

2014-08-22 15:27 - 2014-08-22 15:27 - 00000000 ____D () C:\ProgramData\Xerox

2014-08-22 14:28 - 2014-09-06 23:32 - 00000000 ____D () C:\Users\Manopost\Desktop\Neuer Ordner

2014-08-22 12:43 - 2014-08-22 12:45 - 00000000 ____D () C:\Users\Public\10F34257C92C4CB28669BE8F744057EF

2014-08-22 10:23 - 2014-08-22 10:24 - 00000000 ____D () C:\Users\Public\39203AE8A0DE4F819CFD816F114013DB

2014-08-22 10:23 - 2014-08-22 10:24 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\InetStat

2014-08-22 10:23 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat

2014-08-22 10:00 - 2014-04-19 17:34 - 00000426 _____ () C:\AVScanner.ini

2014-08-22 09:12 - 2014-08-29 15:01 - 00004040 _____ () C:\Windows\System32\Tasks\LaunchSignup

2014-08-22 09:11 - 2014-08-31 15:59 - 00000000 ____D () C:\Program Files (x86)\videos MediaPlay-Air

2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\globalUpdate

2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\globalUpdate

2014-08-22 09:10 - 2014-09-07 18:16 - 00000000 ____D () C:\Program Files (x86)\ver1Re-markit

2014-08-22 09:10 - 2014-08-22 12:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\VOPackage

2014-08-22 09:10 - 2014-08-22 12:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage

2014-08-22 09:10 - 2014-08-22 09:12 - 00062602 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistMSI61B3.txt

2014-08-22 09:10 - 2014-08-22 09:12 - 00012036 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistUI61B3.txt

2014-08-20 14:49 - 2014-08-20 14:49 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys

2014-08-20 14:49 - 2014-08-20 14:49 - 00000000 ____D () C:\Users\Manopost\AppData\Local\SlimWare Utilities Inc

2014-08-20 14:48 - 2014-08-20 14:48 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers

2014-08-20 14:45 - 2014-08-20 15:13 - 00000732 _____ () C:\Users\Manopost\AppData\Local\d3d9caps64.dat

2014-08-20 14:44 - 2014-08-20 14:44 - 00796720 _____ ( ) C:\Users\Manopost\Downloads\nero_setup.exe

2014-08-17 18:20 - 2014-08-17 18:45 - 00001653 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotostory 3 für Windows.lnk

2014-08-17 18:20 - 2014-08-17 18:20 - 00000000 ____D () C:\Program Files (x86)\Photo Story 3 for Windows

2014-08-17 18:18 - 2014-08-17 18:18 - 01101648 _____ () C:\Users\Manopost\Documents\Microsoft Photo Story - CHIP-Installer.exe

2014-08-17 13:33 - 2014-08-22 13:21 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo Video 1

2014-08-17 13:26 - 2014-08-22 14:59 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo 2

2014-08-17 11:21 - 2014-08-26 14:04 - 00000000 ____D () C:\Users\Manopost\Desktop\Meine Bilder

2014-08-17 08:49 - 2014-08-17 08:49 - 01058200 _____ (Adobe) C:\Users\Manopost\Downloads\install_flashplayer14x32au_mssa_awc_aih.exe

2014-08-17 08:36 - 2014-06-27 00:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-08-17 08:36 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2014-08-17 08:36 - 2014-06-27 00:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-08-17 08:36 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

2014-08-17 08:36 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2014-08-17 08:36 - 2014-06-27 00:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-08-17 08:36 - 2014-06-06 06:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-08-17 08:36 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-08-17 08:32 - 2014-08-17 08:32 - 00001757 _____ () C:\Users\Public\Desktop\Garmin Express.lnk

2014-08-17 08:32 - 2014-08-17 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

2014-08-17 00:05 - 2014-08-14 12:15 - 36898446 _____ () C:\Users\Manopost\Desktop\20140814_131447.mp4

2014-08-16 23:56 - 2014-08-20 19:35 - 00000000 ____D () C:\Users\Manopost\Desktop\Handy Tolo

2014-08-16 23:37 - 2014-06-14 02:56 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-08-16 23:37 - 2014-06-14 02:51 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2014-08-16 23:37 - 2014-06-02 23:30 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-08-16 23:37 - 2014-06-02 23:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-08-16 23:37 - 2014-06-02 23:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-08-16 23:37 - 2014-06-02 23:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2014-08-16 23:37 - 2014-06-02 22:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-08-16 23:37 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-08-16 23:37 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2014-08-16 23:37 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-08-16 23:36 - 2014-07-24 21:28 - 17861120 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-08-16 23:36 - 2014-07-24 21:12 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-08-16 23:36 - 2014-07-24 21:10 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-08-16 23:36 - 2014-07-24 21:07 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-08-16 23:36 - 2014-07-24 21:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-08-16 23:36 - 2014-07-24 21:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-08-16 23:36 - 2014-07-24 21:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-08-16 23:36 - 2014-07-24 21:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 02155520 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-08-16 23:36 - 2014-07-24 21:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-08-16 23:36 - 2014-07-24 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-08-16 23:36 - 2014-07-24 21:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-08-16 23:36 - 2014-07-24 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-08-16 23:36 - 2014-07-24 21:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-08-16 23:36 - 2014-07-24 21:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-08-16 23:36 - 2014-07-24 21:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-08-16 23:36 - 2014-07-24 21:02 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-08-16 23:36 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-08-16 23:36 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-08-16 23:36 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-08-16 23:36 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-08-16 23:36 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-08-16 23:36 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-08-16 23:36 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-08-16 23:36 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-08-16 23:36 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-08-16 23:36 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-08-16 23:36 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-08-16 23:36 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-08-16 23:36 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-08-16 23:36 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-08-16 23:36 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-08-16 23:36 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-08-16 23:36 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-08-16 23:36 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-08-16 23:36 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-08-16 23:36 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-08-16 23:36 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-08-16 23:36 - 2014-07-08 03:12 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-08-16 23:36 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-08-16 23:06 - 2014-09-06 23:25 - 00000000 ____D () C:\Users\Manopost\Desktop\Kamera Tolo
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-09-08 12:14 - 2014-09-07 15:00 - 00000000 ____D () C:\FRST

2014-09-08 12:12 - 2010-11-02 18:19 - 01084488 _____ () C:\Windows\WindowsUpdate.log

2014-09-08 11:55 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-09-08 11:55 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-09-08 11:35 - 2012-07-19 18:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-09-08 11:00 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\TuneUp Software

2014-09-08 10:59 - 2014-09-07 16:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-08 09:55 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-09-08 09:54 - 2006-11-02 17:42 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-09-08 09:47 - 2014-09-08 09:47 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Adobe

2014-09-08 09:46 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\TuneUp Software

2014-09-08 09:46 - 2014-09-08 09:41 - 00000000 ____D () C:\Users\Ute\AppData\Local\VirtualStore

2014-09-08 09:45 - 2014-09-08 09:45 - 00000951 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\AOL

2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Local\AOL

2014-09-08 09:45 - 2014-09-08 09:44 - 00000941 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-09-08 09:44 - 2014-09-08 09:44 - 00000936 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-09-08 09:44 - 2014-09-08 09:42 - 00000917 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

2014-09-08 09:44 - 2014-09-08 09:41 - 00000000 ____D () C:\Users\Ute

2014-09-08 09:41 - 2014-09-08 09:41 - 00000020 ___SH () C:\Users\Ute\ntuser.ini

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Vorlagen

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Startmenü

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Netzwerkumgebung

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Lokale Einstellungen

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Eigene Dateien

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Druckumgebung

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Musik

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Bilder

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Verlauf

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Anwendungsdaten

2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Anwendungsdaten

2014-09-08 08:03 - 2014-09-08 08:03 - 00003631 _____ () C:\Users\Manopost\Downloads\FRST.txt

2014-09-08 08:03 - 2014-09-08 08:02 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64(1).exe

2014-09-08 07:52 - 2009-02-04 12:45 - 00000069 _____ () C:\Windows\NeroDigital.ini

2014-09-08 07:43 - 2014-09-08 07:43 - 01101648 _____ () C:\Users\Manopost\Downloads\HijackThis - CHIP-Installer.exe

2014-09-08 06:31 - 2013-09-17 15:45 - 00000425 _____ () C:\Windows\BRWMARK.INI

2014-09-07 21:28 - 2011-06-11 10:44 - 00003714 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7D2327BF-DAC5-43D7-8EB3-6EA0AF4A749D}

2014-09-07 19:19 - 2014-09-07 19:19 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64.exe

2014-09-07 18:29 - 2009-01-28 11:48 - 00000108 _____ () C:\Users\Manopost\AppData\Roaming\default.pls

2014-09-07 18:16 - 2014-08-22 09:10 - 00000000 ____D () C:\Program Files (x86)\ver1Re-markit

2014-09-07 16:25 - 2014-09-06 23:24 - 00000000 ____D () C:\Program Files (x86)\LPT

2014-09-07 16:19 - 2014-09-07 16:19 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-09-07 16:19 - 2014-09-07 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manopost\Downloads\mbam-setup-2.0.2.1012.exe

2014-09-07 11:08 - 2010-11-15 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-09-07 11:08 - 2010-11-15 00:52 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-09-07 10:24 - 2014-09-07 10:24 - 00388152 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-09-07 10:23 - 2014-09-07 10:23 - 00185186 _____ () C:\Windows\PFRO.log

2014-09-07 01:20 - 2014-08-25 17:43 - 00000000 ___RD () C:\Users\Manopost\Dropbox

2014-09-07 00:24 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\LPT

2014-09-07 00:16 - 2009-01-10 16:50 - 00000000 ____D () C:\Program Files (x86)\Google

2014-09-06 23:57 - 2014-09-06 23:16 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Gameo

2014-09-06 23:42 - 2014-09-06 23:41 - 00895120 _____ (Google Inc.) C:\Users\Manopost\Downloads\ChromeSetup.exe

2014-09-06 23:35 - 2013-12-03 13:32 - 00000000 ___RD () C:\Users\Manopost\Documents\Fugen-T-Poster

2014-09-06 23:34 - 2014-01-02 12:23 - 00000000 ____D () C:\Users\Manopost\Desktop\2014

2014-09-06 23:33 - 2014-01-02 15:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Bayrischer Wald

2014-09-06 23:32 - 2014-08-22 14:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Neuer Ordner

2014-09-06 23:27 - 2014-09-06 23:27 - 00000000 ____D () C:\Users\Manopost\Documents\PC Speed Maximizer

2014-09-06 23:27 - 2013-01-21 16:39 - 00000000 ____D () C:\Users\Manopost\Desktop\Bilder1

2014-09-06 23:26 - 2014-08-26 13:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Tablet

2014-09-06 23:25 - 2014-08-16 23:06 - 00000000 ____D () C:\Users\Manopost\Desktop\Kamera Tolo

2014-09-06 23:24 - 2014-09-06 23:24 - 00106712 _____ () C:\Users\Manopost\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-06 23:24 - 2014-09-06 23:24 - 00002379 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

2014-09-06 23:22 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Smartbar

2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\Desktop\Play Games Online.url

2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url

2014-09-06 23:16 - 2014-09-06 23:16 - 00000000 ___HD () C:\Users\Manopost\AppData\Roaming\GoldenGate

2014-09-06 22:51 - 2006-11-02 15:33 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-09-06 22:50 - 2009-01-07 16:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-09-06 22:50 - 2006-11-02 17:15 - 00000000 ____D () C:\Windows\WindowsMobile

2014-09-06 22:46 - 2014-08-25 17:39 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Dropbox

2014-09-06 22:41 - 2013-04-11 17:22 - 00000000 ____D () C:\Program Files\Google

2014-09-06 22:40 - 2013-09-17 15:40 - 00000000 ____D () C:\ProgramData\InstallShield

2014-09-06 22:39 - 2013-09-17 15:42 - 00000000 ____D () C:\Program Files (x86)\Brother

2014-09-06 21:50 - 2014-09-06 21:50 - 00602112 _____ (OldTimer Tools) C:\Users\Manopost\Desktop\OTL.exe

2014-09-06 16:12 - 2009-01-10 16:51 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Google

2014-09-06 16:11 - 2014-09-06 16:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Deployment

2014-09-06 16:11 - 2010-06-03 12:57 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Apps\2.0

2014-09-06 15:57 - 2009-01-10 16:51 - 00000000 ____D () C:\ProgramData\Google

2014-09-06 15:36 - 2011-06-13 13:08 - 00003292 _____ () C:\Windows\System32\Tasks\{4231AEF2-8460-496A-9460-D6D1F6493ADF}

2014-09-06 04:13 - 2014-09-06 23:27 - 00060056 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys

2014-09-02 16:07 - 2008-09-13 07:16 - 00699062 _____ () C:\Windows\system32\perfh007.dat

2014-09-02 16:07 - 2008-09-13 07:16 - 00156416 _____ () C:\Windows\system32\perfc007.dat

2014-09-02 16:07 - 2006-11-02 14:46 - 01638136 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-09-01 23:00 - 2014-09-01 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA ANTIVIRUS

2014-09-01 23:00 - 2014-04-12 12:28 - 00001794 _____ () C:\Users\Public\Desktop\G DATA ANTIVIRUS.lnk

2014-09-01 23:00 - 2009-10-03 14:49 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys

2014-09-01 23:00 - 2009-06-20 14:57 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys

2014-09-01 23:00 - 2009-06-20 14:56 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys

2014-08-31 23:00 - 2014-02-28 00:00 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys

2014-08-31 23:00 - 2009-07-28 16:34 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys

2014-08-31 22:03 - 2014-08-26 18:52 - 00000000 ___HD () C:\Users\Public\Temp

2014-08-31 15:59 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\videos MediaPlay-Air

2014-08-29 15:01 - 2014-08-22 09:12 - 00004040 _____ () C:\Windows\System32\Tasks\LaunchSignup

2014-08-29 15:01 - 2009-01-08 19:24 - 00003784 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm

2014-08-29 15:00 - 2014-04-06 16:26 - 00003558 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask

2014-08-27 10:03 - 2014-08-27 10:03 - 00000630 _____ () C:\Users\Manopost\Desktop\BLT14-15_209.exe - Verknüpfung.lnk

2014-08-27 09:52 - 2014-08-27 09:52 - 00724992 _____ (Maximilian Stangel) C:\Users\Manopost\Downloads\BLT14-15_209.exe

2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb

2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar

2014-08-27 07:33 - 2014-07-28 19:59 - 00000000 ____D () C:\Program Files (x86)\Browser 7 Maintenance Service

2014-08-26 18:50 - 2014-08-26 18:49 - 00000000 ____D () C:\Users\Public\29B3597AA0BC4491BC3F1A409CD7CF3F

2014-08-26 14:04 - 2014-08-17 11:21 - 00000000 ____D () C:\Users\Manopost\Desktop\Meine Bilder

2014-08-26 13:43 - 2009-01-09 17:08 - 00112128 _____ () C:\Users\Manopost\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-08-26 13:13 - 2014-08-26 13:13 - 00000000 ____D () C:\ProgramData\Telekom-Browser 7

2014-08-26 13:13 - 2014-07-28 19:59 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Deutsche Telekom AG

2014-08-26 07:51 - 2012-03-02 20:45 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search

2014-08-25 17:43 - 2009-01-07 16:52 - 00000000 ____D () C:\Users\Manopost

2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Program Files (x86)\Dropbox

2014-08-25 07:52 - 2014-08-25 07:52 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Adobe

2014-08-24 10:30 - 2012-07-19 18:26 - 00003736 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-08-24 10:30 - 2012-04-08 10:43 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-08-24 10:30 - 2011-05-14 09:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-08-23 03:05 - 2014-08-28 21:52 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-08-23 02:42 - 2014-08-28 21:52 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-08-23 01:38 - 2014-08-28 21:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-08-22 15:27 - 2014-08-22 15:27 - 00000000 ____D () C:\ProgramData\Xerox

2014-08-22 14:59 - 2014-08-17 13:26 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo 2

2014-08-22 13:21 - 2014-08-17 13:33 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo Video 1

2014-08-22 12:46 - 2014-08-22 09:10 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\VOPackage

2014-08-22 12:46 - 2014-08-22 09:10 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage

2014-08-22 12:45 - 2014-08-22 12:43 - 00000000 ____D () C:\Users\Public\10F34257C92C4CB28669BE8F744057EF

2014-08-22 10:24 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Public\39203AE8A0DE4F819CFD816F114013DB

2014-08-22 10:24 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\InetStat

2014-08-22 10:23 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat

2014-08-22 10:20 - 2009-01-28 10:44 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Ahead

2014-08-22 09:57 - 2009-02-02 23:48 - 00000000 __SHD () C:\found.000

2014-08-22 09:36 - 2012-12-16 14:45 - 00000111 _____ () C:\.dir

2014-08-22 09:32 - 2014-07-31 19:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-08-22 09:24 - 2014-01-03 19:18 - 00000008 __RSH () C:\Users\Manopost\ntuser.pol

2014-08-22 09:24 - 2009-11-23 14:04 - 00000008 __RSH () C:\ProgramData\ntuser.pol

2014-08-22 09:16 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy

2014-08-22 09:12 - 2014-08-22 09:10 - 00062602 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistMSI61B3.txt

2014-08-22 09:12 - 2014-08-22 09:10 - 00012036 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistUI61B3.txt

2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\globalUpdate

2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\globalUpdate

2014-08-20 19:35 - 2014-08-16 23:56 - 00000000 ____D () C:\Users\Manopost\Desktop\Handy Tolo

2014-08-20 19:28 - 2012-09-05 19:54 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

2014-08-20 17:31 - 2010-08-01 13:11 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Skype

2014-08-20 15:13 - 2014-08-20 14:45 - 00000732 _____ () C:\Users\Manopost\AppData\Local\d3d9caps64.dat

2014-08-20 14:49 - 2014-08-20 14:49 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys

2014-08-20 14:49 - 2014-08-20 14:49 - 00000000 ____D () C:\Users\Manopost\AppData\Local\SlimWare Utilities Inc

2014-08-20 14:48 - 2014-08-20 14:48 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers

2014-08-20 14:44 - 2014-08-20 14:44 - 00796720 _____ ( ) C:\Users\Manopost\Downloads\nero_setup.exe

2014-08-17 18:45 - 2014-08-17 18:20 - 00001653 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotostory 3 für Windows.lnk

2014-08-17 18:20 - 2014-08-17 18:20 - 00000000 ____D () C:\Program Files (x86)\Photo Story 3 for Windows

2014-08-17 18:18 - 2014-08-17 18:18 - 01101648 _____ () C:\Users\Manopost\Documents\Microsoft Photo Story - CHIP-Installer.exe

2014-08-17 11:36 - 2013-07-04 09:21 - 00000855 _____ () C:\Users\Manopost\Desktop\Bluetooth-Informationsaustausch.lnk

2014-08-17 09:51 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache

2014-08-17 08:49 - 2014-08-17 08:49 - 01058200 _____ (Adobe) C:\Users\Manopost\Downloads\install_flashplayer14x32au_mssa_awc_aih.exe

2014-08-17 08:48 - 2013-08-15 20:56 - 00000000 ____D () C:\Windows\system32\MRT

2014-08-17 08:44 - 2006-11-02 14:35 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-08-17 08:33 - 2014-02-19 16:41 - 00000000 ____D () C:\ProgramData\Package Cache

2014-08-17 08:32 - 2014-08-17 08:32 - 00001757 _____ () C:\Users\Public\Desktop\Garmin Express.lnk

2014-08-17 08:32 - 2014-08-17 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

2014-08-17 08:32 - 2014-02-19 16:42 - 00000000 ____D () C:\ProgramData\Garmin

2014-08-17 08:32 - 2014-02-19 16:41 - 00000000 ____D () C:\Program Files (x86)\Garmin

2014-08-14 12:15 - 2014-08-17 00:05 - 36898446 _____ () C:\Users\Manopost\Desktop\20140814_131447.mp4
 

Files to move or delete:

====================

C:\Users\Manopost\DivXInstaller7.exe

C:\Users\Manopost\googleupdatesetup.exe

C:\Users\Manopost\Nero-8.3.13.0_all_update.exe

C:\Users\Manopost\pcfresh.exe

C:\Users\Manopost\PowerPointViewer.exe
 
 

Some content of TEMP:

====================

C:\Users\Manopost\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphpm47v.dll

C:\Users\Manopost\AppData\Local\Temp\ICReinstall_google-chrome_setup (1).exe

C:\Users\Manopost\AppData\Local\Temp\_isA52C.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-09-08 10:11
 

==================== End Of Log ============================

--- --- ---