Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Trojaner auf dem Rechner (https://www.trojaner-board.de/159804-trojaner-rechner.html)

GerKK 16.10.2014 14:43
Trojaner auf dem Rechner
 
Guten Tag, können Sie mir helfen?

Die Datei 'C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe'
enthielt einen Virus oder unerwünschtes Programm 'ADWARE/BrowseFox.Gen7' [adware].
Durchgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.

schrauber 16.10.2014 15:30
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


GerKK 16.10.2014 17:36
Trojaner auf dem Rechner
 
Hallo Schrauber, anbei die Dateien. Die Protokolldatei von Avira Anti Virus ist vermutlich zu gr0ß. bei Bedarf müsste ich sie noch einmal separat verschicken.
Danke schon einmal vorab für die Unterstützung.
Gerhard

schrauber 17.10.2014 08:31
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

GerKK 17.10.2014 08:41
Trojaner auf dem Rechner
 
Guten Morgen Schrauber, ich hatte gehofft, daß ich diesen "Eindringling" eleminiert hätte. Fakt ist, er ist immer noch im Hintergrund aktiv, siehe dazu screenshot von eben. Ich hatte mich im Board informiert und die Punkte in dem Post von KaRin abgearbeitet. Avira meldete nach dem Suchlauf "keinen Fund". Zur Zeit läuft ein erneuter Virensuchlauf, das Antimalware Programmversion 2.0.3.1025 wurde mit dem Systemstart gestartet. Gestern Abend war der IE Firefox, ohne die im Screenshot zu sehenden grünen Zeichen, normal gelaufen. Der Rechner aber dauernd im Hintergrund aktiv und die Geschwindigkeit absolut langsam. Ich erwarte weitere Anweisungen, bitte helfen Sie mir.
MfG Gerhard

GerKK 17.10.2014 14:49
Danke für die Info, wie eben gepostet, der "Eindringling ist immer noch aktiv.
Ich kann leider die screenshots nicht in.txt-Dateien umwandeln, möchte sie aber kurz beschreiben. Bei deiner Antwort von heute Morgen 09:31, im ersten Satz:"Logs bitte immer in den Thread posten..." ist das Wort "posten" in Großbuchstaben, fett und unterstrichen geschrieben. Am rechten Rand ist hochgesetzt ein nach rechts oben geöffneter Kreis, mit einem Pfeil nach rechts oben abgebildet. Sobald man mit der Maus über das unterstrichene Wort fährt, popt ein neues Fenster mit der Werbung auf. Sobald man darauf klickt, wird man zu einer neuen Seite in einem neuen TAB weitergeleitet und soll an einer Umfrage mit garantiertem Gewinn teilnehmen.- Ich erwarte weitere Anweisungen, Danke für Deine Hilfe. MfG Gerhard

Hallo Schrauber, nachdem das Malwarebytes Programm einen neuen Suchlauf mit 2 Non Malware gefunden hatte und ich diese Dateien, s. LogDatei, in die Quarantäne geschoben habe, scheint der "Spuk" vorbei zu sein. Der Rechner läuft scheinbar normal und die Zeichen der Seite sind wieder normal, keine Großbuchstaben etc. Schau bdir bitte trotzdem noch einmal die Dateien an, der AVIRA Suchlauf ist noch nicht beendet. Danke für eure Hilfe,
MfG Gerhard
PS.: Schau mal auf das Zeichen hinter SOFTWARE in der Anweisung "Plagegeister aller Art und deren Bekämpfung"

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 17.10.2014
Suchlauf-Zeit: 12:46:52
Logdatei: LogMalware171014.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.10.17.04
Rootkit Datenbank: v2014.10.15.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Gerhard

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 467356
Verstrichene Zeit: 17 Min, 41 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 2
PUP.Optional.Conduit.A, C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}");), Ersetzt,[6b5d9e7796e6d264eafa282f53b2728e]
PUP.Optional.Conduit.A, C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\prefs.js, Gut: (), Schlecht: (user_pref("CT2319825.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q=");), Ersetzt,[dbeded28f8845fd785600e4904019769]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
Hallo Schrauber,
anbei die AVIRA Antivirus Pro Log zur Auswertung.
Danke für eure bisherige Hilfe, kriegen wir das dennoch hin?
Code:
Antivirus Pro
Erstellungsdatum der Reportdatei: Freitag, 17. Oktober 2014  08:53


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer  : Gerhard Kirchhoff
Seriennummer  : 2213157700-PEPWE-0000001
Plattform      : Windows 7 Home Premium
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus    : Normal gebootet
Benutzername  : SYSTEM
Computername  : GERHARD-PC

Versionsinformationen:
BUILD.DAT      : 14.0.7.306    94325 Bytes  26.09.2014 10:03:00
AVSCAN.EXE    : 14.0.7.266  1014576 Bytes  07.10.2014 09:22:06
AVSCANRC.DLL  : 14.0.7.220    65272 Bytes  07.10.2014 09:22:07
LUKE.DLL      : 14.0.7.220    59696 Bytes  07.10.2014 09:25:02
AVSCPLR.DLL    : 14.0.7.266    94512 Bytes  07.10.2014 09:22:08
REPAIR.DLL    : 14.0.7.266    366328 Bytes  07.10.2014 09:21:49
REPAIR.RDF    : 1.0.2.16      571463 Bytes  16.10.2014 10:48:18
AVREG.DLL      : 14.0.7.220    264952 Bytes  07.10.2014 09:21:43
AVLODE.DLL    : 14.0.7.266    563448 Bytes  07.10.2014 09:21:21
AVLODE.RDF    : 14.0.4.46      64835 Bytes  10.09.2014 14:36:47
XBV00011.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:31
XBV00012.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:32
XBV00013.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:32
XBV00014.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:33
XBV00015.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:33
XBV00016.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:33
XBV00017.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:34
XBV00018.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:34
XBV00019.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:34
XBV00020.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:34
XBV00021.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:35
XBV00022.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:35
XBV00023.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:35
XBV00024.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:35
XBV00025.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:35
XBV00026.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:35
XBV00027.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:36
XBV00028.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:36
XBV00029.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:36
XBV00030.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:36
XBV00031.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:36
XBV00032.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:36
XBV00033.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:37
XBV00034.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:37
XBV00035.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:37
XBV00036.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:37
XBV00037.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:37
XBV00038.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:37
XBV00039.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:38
XBV00040.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:38
XBV00041.VDF  : 8.11.165.190    2048 Bytes  07.08.2014 11:17:38
XBV00060.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:39
XBV00061.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:40
XBV00062.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:41
XBV00063.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:41
XBV00064.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:41
XBV00065.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:44
XBV00066.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:48
XBV00067.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:48
XBV00068.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:49
XBV00069.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:49
XBV00070.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:50
XBV00071.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:50
XBV00072.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:50
XBV00073.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:50
XBV00074.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:51
XBV00075.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:51
XBV00076.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:51
XBV00077.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:51
XBV00078.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:52
XBV00079.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:52
XBV00080.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:52
XBV00081.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:52
XBV00082.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:53
XBV00083.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:53
XBV00084.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:53
XBV00085.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:53
XBV00086.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:54
XBV00087.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:54
XBV00088.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:54
XBV00089.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:54
XBV00090.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:55
XBV00091.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:55
XBV00092.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:55
XBV00093.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:55
XBV00094.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:56
XBV00095.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:56
XBV00096.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:56
XBV00097.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:56
XBV00098.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:57
XBV00099.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:57
XBV00100.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:57
XBV00101.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:57
XBV00102.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:58
XBV00103.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:58
XBV00104.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:58
XBV00105.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:58
XBV00106.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:59
XBV00107.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:59
XBV00108.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:26:59
XBV00109.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:00
XBV00110.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:00
XBV00111.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:00
XBV00112.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:00
XBV00113.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:01
XBV00114.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:01
XBV00115.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:01
XBV00116.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:01
XBV00117.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:02
XBV00118.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:02
XBV00119.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:02
XBV00120.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:03
XBV00121.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:03
XBV00122.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:03
XBV00123.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:03
XBV00124.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:04
XBV00125.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:04
XBV00126.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:04
XBV00127.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:04
XBV00128.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:05
XBV00129.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:05
XBV00130.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:05
XBV00131.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:05
XBV00132.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:06
XBV00133.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:06
XBV00134.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:06
XBV00135.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:06
XBV00136.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:07
XBV00137.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:07
XBV00138.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:07
XBV00139.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:07
XBV00140.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:08
XBV00141.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:08
XBV00142.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:08
XBV00143.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:08
XBV00144.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:09
XBV00145.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:09
XBV00146.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:09
XBV00147.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:09
XBV00148.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:10
XBV00149.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:10
XBV00150.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:10
XBV00151.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:11
XBV00152.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:11
XBV00153.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:11
XBV00154.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:11
XBV00155.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:12
XBV00156.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:12
XBV00157.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:12
XBV00158.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:13
XBV00159.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:13
XBV00160.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:13
XBV00161.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:13
XBV00162.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:14
XBV00163.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:14
XBV00164.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:14
XBV00165.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:14
XBV00166.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:15
XBV00167.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:15
XBV00168.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:15
XBV00169.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:15
XBV00170.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:16
XBV00171.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:16
XBV00172.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:16
XBV00173.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:16
XBV00174.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:17
XBV00175.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:17
XBV00176.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:17
XBV00177.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:17
XBV00178.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:18
XBV00179.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:18
XBV00180.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:18
XBV00181.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:18
XBV00182.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:19
XBV00183.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:19
XBV00184.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:19
XBV00185.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:20
XBV00186.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:20
XBV00187.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:20
XBV00188.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:20
XBV00189.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:21
XBV00190.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:21
XBV00191.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:21
XBV00192.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:21
XBV00193.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:22
XBV00194.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:22
XBV00195.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:22
XBV00196.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:22
XBV00197.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:23
XBV00198.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:23
XBV00199.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:23
XBV00200.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:23
XBV00201.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:24
XBV00202.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:24
XBV00203.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:24
XBV00204.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:24
XBV00205.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:25
XBV00206.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:25
XBV00207.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:25
XBV00208.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:25
XBV00209.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:26
XBV00210.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:26
XBV00211.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:26
XBV00212.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:26
XBV00213.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:27
XBV00214.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:27
XBV00215.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:29
XBV00216.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:35
XBV00217.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:39
XBV00218.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:39
XBV00219.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:39
XBV00220.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:40
XBV00221.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:40
XBV00222.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:40
XBV00223.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:52
XBV00224.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:53
XBV00225.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:55
XBV00226.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:57
XBV00227.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:59
XBV00228.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:59
XBV00229.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:27:59
XBV00230.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:00
XBV00231.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:00
XBV00232.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:00
XBV00233.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:00
XBV00234.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:04
XBV00235.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:09
XBV00236.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:12
XBV00237.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:15
XBV00238.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:19
XBV00239.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:20
XBV00240.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:20
XBV00241.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:20
XBV00242.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:21
XBV00243.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:22
XBV00244.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:23
XBV00245.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:24
XBV00246.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:26
XBV00247.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:26
XBV00248.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:28
XBV00249.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:28
XBV00250.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:28
XBV00251.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:29
XBV00252.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:29
XBV00253.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:30
XBV00254.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:30
XBV00255.VDF  : 8.11.178.32    2048 Bytes  14.10.2014 11:28:31
XBV00000.VDF  : 7.11.70.0  66736640 Bytes  04.04.2013 18:32:04
XBV00001.VDF  : 7.11.74.226  2201600 Bytes  30.04.2013 18:32:04
XBV00002.VDF  : 7.11.80.60  2751488 Bytes  28.05.2013 18:32:04
XBV00003.VDF  : 7.11.85.214  2162688 Bytes  21.06.2013 18:32:04
XBV00004.VDF  : 7.11.91.176  3903488 Bytes  23.07.2013 18:32:04
XBV00005.VDF  : 7.11.98.186  6822912 Bytes  29.08.2013 18:32:04
XBV00006.VDF  : 7.11.139.38 15708672 Bytes  27.03.2014 14:24:11
XBV00007.VDF  : 7.11.152.100  4193792 Bytes  02.06.2014 14:30:35
XBV00008.VDF  : 8.11.165.192  4251136 Bytes  07.08.2014 11:17:31
XBV00009.VDF  : 8.11.172.30  2094080 Bytes  15.09.2014 13:00:20
XBV00010.VDF  : 8.11.178.32  1581056 Bytes  14.10.2014 11:26:33
XBV00042.VDF  : 8.11.178.58    29696 Bytes  14.10.2014 18:07:05
XBV00043.VDF  : 8.11.178.60    2048 Bytes  14.10.2014 18:07:06
XBV00044.VDF  : 8.11.178.86    21504 Bytes  14.10.2014 10:44:57
XBV00045.VDF  : 8.11.178.88    11776 Bytes  15.10.2014 10:44:57
XBV00046.VDF  : 8.11.178.92    17408 Bytes  15.10.2014 10:44:58
XBV00047.VDF  : 8.11.178.94    2048 Bytes  15.10.2014 10:44:58
XBV00048.VDF  : 8.11.178.116    7680 Bytes  15.10.2014 10:44:59
XBV00049.VDF  : 8.11.178.136    21504 Bytes  15.10.2014 12:44:43
XBV00050.VDF  : 8.11.178.140    2048 Bytes  15.10.2014 12:44:43
XBV00051.VDF  : 8.11.178.162    32768 Bytes  15.10.2014 16:59:11
XBV00052.VDF  : 8.11.178.164    2048 Bytes  15.10.2014 16:59:19
XBV00053.VDF  : 8.11.178.166    14336 Bytes  15.10.2014 08:46:53
XBV00054.VDF  : 8.11.178.170    12800 Bytes  15.10.2014 08:46:55
XBV00055.VDF  : 8.11.178.190    4608 Bytes  15.10.2014 08:46:56
XBV00056.VDF  : 8.11.178.210    5120 Bytes  15.10.2014 08:46:57
XBV00057.VDF  : 8.11.178.230    17920 Bytes  16.10.2014 08:46:59
XBV00058.VDF  : 8.11.178.234    8704 Bytes  16.10.2014 10:48:01
XBV00059.VDF  : 8.11.178.236    13312 Bytes  16.10.2014 12:51:31
LOCAL001.VDF  : 8.11.178.236 111773184 Bytes  16.10.2014 12:51:52
Engineversion  : 8.3.24.38
AEVDF.DLL      : 8.3.1.6      133992 Bytes  26.08.2014 17:07:25
AESCRIPT.DLL  : 8.2.0.30      437104 Bytes  16.10.2014 12:51:20
AESCN.DLL      : 8.3.2.2      139456 Bytes  25.07.2014 09:01:21
AESBX.DLL      : 8.2.20.24    1409224 Bytes  08.06.2014 13:54:19
AERDL.DLL      : 8.2.0.138    704888 Bytes  02.12.2013 16:48:36
AEPACK.DLL    : 8.4.0.54      788392 Bytes  24.09.2014 13:06:34
AEOFFICE.DLL  : 8.3.0.32      223144 Bytes  16.10.2014 12:51:07
AEHEUR.DLL    : 8.1.4.1344  7609200 Bytes  16.10.2014 12:50:58
AEHELP.DLL    : 8.3.1.0      278728 Bytes  08.06.2014 13:52:20
AEGEN.DLL      : 8.1.7.30      453480 Bytes  26.09.2014 14:38:36
AEEXP.DLL      : 8.4.2.32      247712 Bytes  04.09.2014 18:25:40
AEEMU.DLL      : 8.1.3.4      399264 Bytes  07.08.2014 15:13:10
AEDROID.DLL    : 8.4.2.24      442568 Bytes  08.06.2014 13:54:27
AECORE.DLL    : 8.3.2.6      243712 Bytes  07.08.2014 15:13:07
AEBB.DLL      : 8.1.2.0        60448 Bytes  07.08.2014 15:13:04
AVWINLL.DLL    : 14.0.7.220    25904 Bytes  07.10.2014 09:20:33
AVPREF.DLL    : 14.0.7.220    52016 Bytes  07.10.2014 09:21:40
AVREP.DLL      : 14.0.7.220    220976 Bytes  07.10.2014 09:21:45
AVARKT.DLL    : 14.0.7.220    227632 Bytes  07.10.2014 09:20:41
AVEVTLOG.DLL  : 14.0.7.220    185080 Bytes  07.10.2014 09:21:04
SQLITE3.DLL    : 14.0.7.220    453936 Bytes  07.10.2014 09:25:55
AVSMTP.DLL    : 14.0.7.220    79096 Bytes  07.10.2014 09:22:12
NETNT.DLL      : 14.0.7.220    15152 Bytes  07.10.2014 09:25:04
RCIMAGE.DLL    : 14.0.7.220  4887856 Bytes  07.10.2014 09:20:33
RCTEXT.DLL    : 14.0.7.240    77048 Bytes  07.10.2014 09:20:33

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, E:, F:, G:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Freitag, 17. Oktober 2014  08:53

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, E:, F:, G:)'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '164' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '142' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgsvca.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'BingDesktopUpdater.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'cjpcsc.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '228' Modul(e) wurden durchsucht
Durchsuche Prozess 'GladFileMonSvc.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'IovstRouteService_win7.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'WOSVSSSvr.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'LSSrvc.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamscheduler.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'WrtMon.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'itype.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'usb3Monitor.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apoint.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvBackend.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'WrtProc.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'mdm.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'TomTomHOMERunner.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'MSI_LiveUpdate_Service.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'ocontrol.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'dpupdchk.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '100' Modul(e) wurden durchsucht
Durchsuche Prozess 'vprot.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'PdfCreate7Hook.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'pdfPro5Hook.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'acrotray.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguix.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '143' Modul(e) wurden durchsucht
Durchsuche Prozess 'PDFProFiltSrvPP.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'TomTomHOMEService.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'TuneUpUtilitiesService64.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'ToolbarUpdater.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'loggingserver.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '131' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'USBWService.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'TuneUpUtilitiesApp64.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avmailc7.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'avwebg7.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '114' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'OSPPSVC.EXE' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'ApMsgFwd.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'HidFind.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apntex.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'NASvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'daemonu.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '159' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_15_0_0_152.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_15_0_0_152.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'prevhost.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'prevhost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'WicaInventory.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '9422' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <System>
Beginne mit der Suche in 'E:\' <Programme>
Beginne mit der Suche in 'F:\' <Daten>
Beginne mit der Suche in 'G:\' <Sicherung>
    [0] Archivtyp: RSRC
    --> C:\Windows\SysWOW64\Weihnachtszeit 3D Bildschirmschoner.scr
        [1] Archivtyp: RSRC
      --> C:\Windows\SysWOW64\Weihnachtszeit 3D Bildschirmschoner.scr
          [2] Archivtyp: RSRC
        --> E:\Downloads\blspeesetup.exe
            [3] Archivtyp: Inno Setup
          --> E:\Downloads\blspegsetup.exe
              [4] Archivtyp: Inno Setup
            --> F:\Eigene eBooks\Downloads\blspeesetup.exe
                [5] Archivtyp: Inno Setup
              --> F:\Eigene eBooks\Downloads\blspegsetup.exe
                  [6] Archivtyp: Inno Setup
                --> F:\Nero Local Autobackup\20090526_162845_Local Autobackup\K\Updates\CAD Programme\mkcad5prodeutsch.exe
                    [7] Archivtyp: OVL
                  --> C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVSCAN-20141017-085318-39394523\0000000E-1542336F
                      [8] Archivtyp: OVL
                    --> F:\Nero Local Autobackup\20090526_162845_Local Autobackup\K\Updates\CAD Programme\MKCAD5WorkDeutsch.exe
                        [9] Archivtyp: OVL
                      --> C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVSCAN-20141017-085318-39394523\0000000E-16312F43
                          [10] Archivtyp: OVL
                        --> F:\Nero Local Autobackup\20090526_162845_Local Autobackup\K\Updates\Telefon\Siemens M65\CDSetup3.04.25.1+SmartSync_de-DE.zip
                            [11] Archivtyp: ZIP
                          --> F:\Nero Local Autobackup\20090526_162845_Local Autobackup\K\Updates\Telefon\Siemens M65\Data1.cab
                              [12] Archivtyp: CAB (Microsoft)
                            --> F:\Updates\CAD Programme\mkcad5prodeutsch.exe
                                [13] Archivtyp: OVL
                              --> C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVSCAN-20141017-085318-39394523\0000000F-28A379E2
                                  [14] Archivtyp: OVL
                                --> F:\Updates\CAD Programme\MKCAD5WorkDeutsch.exe
                                    [15] Archivtyp: OVL
                                  --> C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVSCAN-20141017-085318-39394523\0000000F-299205E9
                                      [16] Archivtyp: OVL
                                    --> F:\Updates\Telefon\Siemens M65\CDSetup3.04.25.1+SmartSync_de-DE.zip
                                        [17] Archivtyp: ZIP
                                      --> F:\Updates\Telefon\Siemens M65\Data1.cab
                                          [18] Archivtyp: CAB (Microsoft)
                                        --> G:\AdwareCleaner\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
                                            [19] Archivtyp: RSRC
                                          --> G:\AdwareCleaner\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
                                              [20] Archivtyp: Runtime Packed
                                            --> G:\Dokumente und Einstellungen\Admin\Eigene Dateien\Downloads\blspeesetup.exe
                                                [21] Archivtyp: Inno Setup
                                              --> G:\Dokumente und Einstellungen\Admin\Eigene Dateien\Downloads\christmas3dde.exe
                                                  [22] Archivtyp: Inno Setup
                                                --> G:\Dokumente und Einstellungen\Admin\Eigene Dateien\Downloads\iTunes64Setup.exe
                                                    [23] Archivtyp: Inno Setup
                                                  --> Object
                                                      [FUND]      Enthält Erkennungsmuster der Adware ADWARE/InstallCore.Gen7
                                                      [WARNUNG]  Infizierte Dateien in Archiven können nicht repariert werden
G:\Dokumente und Einstellungen\Admin\Eigene Dateien\Downloads\iTunes64Setup.exe
  [FUND]      Enthält Erkennungsmuster der Adware ADWARE/InstallCore.Gen7

Beginne mit der Desinfektion:
G:\Dokumente und Einstellungen\Admin\Eigene Dateien\Downloads\iTunes64Setup.exe
  [FUND]      Enthält Erkennungsmuster der Adware ADWARE/InstallCore.Gen7
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '51b7bcbd.qua' verschoben!


Ende des Suchlaufs: Freitag, 17. Oktober 2014  15:46
Benötigte Zeit:  6:29:19 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  60314 Verzeichnisse wurden überprüft
 3946886 Dateien wurden geprüft
      2 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 3946884 Dateien ohne Befall
 105255 Archive wurden durchsucht
      1 Warnungen
      1 Hinweise
 1212667 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
MfG
Gerhard

schrauber 18.10.2014 09:52
Ich warte immer noch auf die Logs von FRST.

GerKK 18.10.2014 10:54
Trojaner auf dem Rechner
 
Hallo Schrauber, sorry ich bin absoluter Neuling auf dem Board.-
Mittlerweile habe ich das Gefühl, dass die Schadsoftware sich des Programms Nero bedient.
Nero Back it up möchte andauernd updaten, was ich bisher durch deaktivieren der Software in AVG verhindern konnte. Firefox habe ich gestern komplett unter Verlust aller gespeicherten Passwörter deinstalliert. Anbei die Datei.

Danke für deine Hilfe
MfG
Gerhard


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014 02
Ran by Gerhard (administrator) on GERHARD-PC on 16-10-2014 16:31:00
Running from G:\AdwareCleaner
Loaded Profiles: Gerhard & UpdatusUser (Available profiles: Gerhard & UpdatusUser & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
() C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\FirmwareFreewareMacro.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
() E:\ORICO\ORICO Tools\IovstRouteService_win7.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
(Nuance Communications, Inc.) E:\Nuance\PaperPort\PDFProFiltSrvPP.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Trinit-Soft) E:\USB Wächter\USBWService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(T-Com Bereich Endgeräte) E:\TOnline\OnlineControl\ocontrol.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Nuance Communications, Inc.) E:\PDF Create 7\PdfCreate7Hook.exe
(Nuance Communications, Inc.) E:\Nuance\PDFViewerPlus\pdfPro5Hook.exe
(Adobe Systems Inc.) E:\Adobe\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
() C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\LogNetRoot.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2012-03-26] (VIA Technologies, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [380760 2013-07-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => E:\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [NsPrtMon] => C:\Program Files\NewSoft\Presto! PrintCentral\NsPrtMon.exe [42832 2009-09-11] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [PMSpeed] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.01\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-09-07] ()
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [OmniPage Preload] => E:\ScanSoft18\OmniPage18.exe [2987880 2011-08-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] => E:\PDF Create 7\pdfcreate7hook.exe [605032 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => E:\PDF Create 7\RegistryController.exe [140136 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => E:\Nuance\PaperPort\IndexSearch.exe [46368 2010-02-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => E:\Nuance\PDFViewerPlus\pdfpro5hook.exe [1369376 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => E:\Nuance\PDFViewerPlus\RegistryController.exe [62752 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Adobe\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1104912 2014-08-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero BackItUp\NBAgent.exe [2025816 2014-09-24] (Nero AG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [KiesPDLR] => E:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [KiesPreload] => E:\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [TomTomHOME.exe] => "E:\TomTom HOME 2\TomTomHOMERunner.exe"
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [KiesHelper] => E:\Samsung\Kies\KiesHelper.exe /s
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [KiesPDLR] => E:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [OpAgent] => "OpAgent.exe" /agent
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [Duden Korrektor SysTray] => E:\Duden-Rechtschreibprüfung\DKTray.exe [347792 2011-12-23] (Expert System S.p.A.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1266712 2013-06-11] (AVG Secure Search)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\MountPoints2: {a4686039-67f6-11df-a1d0-806e6f6e6963} - K:\AUTORUN.EXE
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\MountPoints2: {b0dc9a48-a89c-11e1-9d81-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-18\...\Run: [Duden Korrektor SysTray] => E:\Duden-Rechtschreibprüfung\DKTray.exe [347792 2011-12-23] (Expert System S.p.A.)
IFEO\kies.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\kiesagent.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Office-Bibliothek-Direktsuche.lnk
ShortcutTarget: Office-Bibliothek-Direktsuche.lnk -> E:\Fremdwörterlexikon\PCLib.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnlineControl.lnk
ShortcutTarget: OnlineControl.lnk -> E:\TOnline\OnlineControl\ocontrol.exe (T-Com Bereich Endgeräte)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2012 Zahlungserinnerung.lnk
ShortcutTarget: Quicken 2012 Zahlungserinnerung.lnk -> C:\Windows\Installer\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> E:\VR-NetWorld\vrtoolcheckorder.exe (VR-NetWorld Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> E:\WISO2013\mshaktuell.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BootExecute: autocheck autochk * bootdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:39691
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://isearch.avg.com/?cid={0D4ACC5C-38CE-4F7D-AD5E-54266212ADC2}&mid=a43a809502ad47d18075d154d43bcf47-5dc7dab7a3820688bb38cbc250ac6ec4e6c96f07&lang=de&ds=tt014&pr=sa&d=2011-12-23 13:35:12&v=12.2.5.32&sap=hp
hxxp://www.microsoft.com/windows/ie/searchguide/de-de/default.mspx?dcsref=hxxp://runonce.msn.com/runonce2.aspx#
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=BDT3&ocid=bdtdhp
URLSearchHook: HKLM-x32 - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
URLSearchHook: HKCU - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=AC0AF970-ABE5-4AE2-989D-14A6F42B02E5&apn_sauid=3107F890-C314-4F1A-B0A5-F9A477BAE173
SearchScopes: HKCU - {65D51F5B-E716-48F8-AA2B-B0851599B02B} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {8C86B2E0-AD99-4008-9A1E-8526E0B00130} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={0D4ACC5C-38CE-4F7D-AD5E-54266212ADC2}&mid=a43a809502ad47d18075d154d43bcf47-5dc7dab7a3820688bb38cbc250ac6ec4e6c96f07&lang=de&ds=tt014&pr=sa&d=2011-12-23 13:35:12&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BrowseToolE0191 Toolbar -> {40c3cc16-7269-4b32-9531-17f2950fb06f} -> C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> E:\Nuance\PDFViewerPlus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> E:\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - E:\SteganosPM12\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - E:\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default
FF DefaultSearchEngine: Bing
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.google.de/webhp?nord=1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> E:\Adobe\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\user.js
FF SearchPlugin: C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\searchplugins\bingp.xml
FF Extension: AVG Security Toolbar - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\avg@toolbar [2012-11-15]
FF Extension: Deutsches Wörterbuch - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\de-DE@dictionaries.addons.mozilla(2).org [2010-05-22]
FF Extension: Conduit Engine  - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\engine@conduit.com [2011-03-25]
FF Extension: Fast Dial - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\fastdial@telega.phpnet.us [2014-09-23]
FF Extension: Avira SafeSearch - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\safesearch@avira.com [2014-10-15]
FF Extension: WebViewer Firefox Plugin - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\WebViewer@3dis.de [2014-10-05]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-05-24]
FF Extension: BrowseToolE0191  - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} [2014-09-29]
FF Extension: Fire.fm - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3} [2013-04-10]
FF Extension: Add to Amazon Wish List Button - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\amznUWL2@amazon.com.xpi [2011-11-28]
FF Extension: DasTelefonbuch Firefox Toolbar - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\dastelefonbuchtoolbar@dastelefonbuch.de.xpi [2012-07-01]
FF Extension: preisspion.de - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\finder@meingutscheincode.de.xpi [2011-06-29]
FF Extension: JavaScript Deobfuscator - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2013-03-17]
FF Extension: JavaScript Debugger Deutsch (DE) Language Pack - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\langpack-de@venkman.mozilla.org.xpi [2013-03-17]
FF Extension: Lieferheld - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\lieferheld@extensions.partneraddons.de.xpi [2012-03-12]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-06-26]
FF Extension: AniWeather - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2011-06-23]
FF Extension: ImTranslator - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2011-08-12]
FF Extension: Adblock Plus - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-07-03]
FF Extension: DownThemAll! - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-10-15]
FF Extension: QuickJava - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2013-03-17]
FF Extension: JavaScript Debugger - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\g3q041bo.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2013-03-17]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - E:\SteganosPM12\spmplugin3
FF Extension: Steganos Password Manager - E:\SteganosPM12\spmplugin3 [2010-06-02]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-09-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - E:\Adobe\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - E:\Adobe\Acrobat\Browser\WCFirefoxExtn [2012-04-05]
FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - E:\Mobile Master\ext\1
FF Extension: Mobile Master Add-In - E:\Mobile Master\ext\1 [2014-09-30]
FF Extension: No Name - {00F0643E-B367-4779-B45D-7046EBA37A88} [Not Found]
FF StartMenuInternet: FIREFOX.EXE - E:\Firefox\firefox.exe

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [806704 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [994096 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [846864 2014-08-20] (AVG Technologies CZ, s.r.o.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 FirmwareFreewareMacro.exe; C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\FirmwareFreewareMacro.exe [129061 2014-10-12] () [File not signed]
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29552 2011-07-26] (Gladinet, INC)
R2 IovstRouterService; E:\ORICO\ORICO Tools\IovstRouteService_win7.exe [20480 2010-12-16] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S2 MBAMScheduler; E:\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; E:\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 Microsoft Office Groove Audit Service; E:\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1723856 2014-09-18] (Micro-Star International)
R2 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [273248 2014-09-24] (Nero AG)
R2 PDFProFiltSrvPP; E:\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-02-11] (Nuance Communications, Inc.)
S3 TDslMgrService; E:\TOnline\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2538808 2014-09-04] (AVG Technologies)
R2 USBWaechter; E:\USB Wächter\USBWService.exe [2403840 2010-07-10] (Trinit-Soft) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S2 HPSLPSVC; C:\Users\Gerhard\AppData\Local\Temp\7zS5C53\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-07] (Avira Operations GmbH & Co. KG)
S2 CdaC15BA; C:\Windows\SysWOW64\drivers\CDAC15BA.SYS [8864 2011-06-17] () [File not signed]
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-10-25] (Devguru Co., Ltd)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-15] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-10-16] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2010-05-28] (Paragon Software Group)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-11-23] (Duplex Secure Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-08-28] (TuneUp Software)
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [256000 2012-03-26] (VIA Technologies, Inc.)
S3 cpuz132; \??\C:\Users\Gerhard\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 15:57 - 2014-10-16 15:57 - 00000020 _____ () C:\Users\Gerhard\defogger_reenable
2014-10-16 14:13 - 2014-10-16 14:13 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-10-16 14:11 - 2014-10-16 14:11 - 00044996 _____ () C:\Windows\system32\.crusader
2014-10-16 13:32 - 2014-10-16 14:12 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-16 13:15 - 2014-10-16 16:31 - 00000000 ____D () C:\FRST
2014-10-16 12:25 - 2014-10-16 12:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2014-10-15 20:23 - 2014-10-15 20:23 - 00001143 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-15 13:43 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 13:43 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 13:43 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 13:43 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 13:43 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 13:43 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 13:43 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 13:43 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 13:43 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 13:43 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 13:43 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 13:43 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 13:43 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 13:43 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 13:43 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 13:43 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 13:43 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 13:43 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 13:43 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 13:42 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 13:42 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 13:42 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 13:42 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 13:42 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 13:42 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 13:42 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 13:42 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 13:42 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 13:42 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 13:42 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 13:42 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 13:42 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 13:42 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 13:42 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 13:42 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 13:42 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 13:42 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 13:42 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 13:42 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 13:42 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 13:42 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 13:42 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 13:42 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 13:42 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 13:41 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 13:41 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 13:41 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 13:41 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 13:41 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 13:41 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 13:41 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 13:41 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 13:41 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 13:41 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 13:41 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 13:40 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 13:40 - 2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 13:40 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 13:40 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 13:40 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 13:40 - 2014-09-20 07:15 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 13:40 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 13757952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 13:40 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 13:40 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 13:40 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 13:40 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 13:40 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 13:40 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 13:40 - 2014-09-20 04:43 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-15 13:40 - 2014-09-20 04:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-15 13:34 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 13:34 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 13:34 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 13:34 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 13:34 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 13:34 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 13:34 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 13:28 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 13:28 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 13:28 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 13:28 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 13:28 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 13:28 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 13:26 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 13:26 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 13:26 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 13:26 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 13:26 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 13:26 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 20:39 - 2014-10-16 16:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-14 20:38 - 2014-10-14 20:38 - 00000622 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-14 20:38 - 2014-10-14 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-14 20:38 - 2014-10-14 20:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-14 20:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-14 20:38 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-14 20:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-14 20:25 - 2014-10-15 13:10 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-10-14 20:25 - 2014-10-14 20:25 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Abelssoft
2014-10-14 20:25 - 2014-10-14 20:25 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Abelssoft
2014-10-14 20:25 - 2014-10-14 20:25 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-10-14 20:24 - 2014-10-15 13:10 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-10-14 20:11 - 2014-10-14 20:11 - 00000000 ____D () C:\ProgramData\Mozilla
2014-10-14 20:10 - 2014-10-14 20:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-14 18:59 - 2014-10-14 18:59 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\CheckCode
2014-10-12 14:21 - 2014-10-12 14:21 - 00000611 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-12 14:21 - 2014-10-12 14:21 - 00000611 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-12 14:00 - 2014-10-12 14:00 - 00301608 _____ (VuuPC Limited) C:\Users\Gerhard\AppData\Local\nsc91A4.tmp
2014-10-12 13:42 - 2014-10-16 14:11 - 00000000 ____D () C:\Windows\SysWOW64\CronODBCSprite
2014-10-12 13:42 - 2014-10-12 14:14 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro
2014-10-11 17:37 - 2014-10-11 17:37 - 00002041 _____ () C:\Users\Public\Desktop\MSI Live Update 6.lnk
2014-10-11 17:37 - 2014-10-11 17:37 - 00000000 ____D () C:\MSILU
2014-10-10 12:03 - 2014-10-10 12:07 - 00000000 ____D () C:\Users\Gerhard\HDR Projects
2014-10-10 12:02 - 2014-10-10 12:02 - 00000726 _____ () C:\Users\Public\Desktop\HDR Projects platin (64-Bit).lnk
2014-10-10 12:02 - 2014-10-10 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2014-10-09 20:24 - 2014-10-09 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-09 20:16 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-09 20:16 - 2014-07-02 12:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-09 18:46 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-10-09 18:46 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-09 18:46 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-09 18:46 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-10-09 18:46 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-10-09 18:46 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-09 18:46 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-09 18:46 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-09 18:46 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-10-09 18:46 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-10-09 18:46 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-10-09 18:46 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-10-09 18:46 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-09 18:46 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-09 18:46 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-09 18:46 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-09 16:34 - 2014-10-09 16:34 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-10-09 16:34 - 2014-10-09 16:34 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-10-09 16:28 - 2014-10-09 16:28 - 00000710 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-10-09 16:27 - 2013-12-30 03:54 - 00233472 _____ (Teruten) C:\Windows\SysWOW64\FsUsbExService.Exe
2014-10-09 16:27 - 2013-12-30 03:54 - 00037344 _____ () C:\Windows\SysWOW64\FsUsbExDisk.Sys
2014-10-09 16:27 - 2013-12-30 03:54 - 00037344 _____ () C:\Windows\SysWOW64\FsUsbExDisk.Sy_
2014-10-09 16:27 - 2011-11-29 17:40 - 00110592 _____ () C:\Windows\SysWOW64\FsUsbExDevice.Dll
2014-10-09 15:32 - 2014-10-09 19:57 - 00002841 _____ () C:\Users\Public\Desktop\Nero 2015.lnk
2014-10-09 15:30 - 2014-10-09 19:59 - 00002115 _____ () C:\Users\Public\Desktop\Nero MediaHome.lnk
2014-10-09 15:22 - 2014-10-15 20:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\3DIS GmbH
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebViewer
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\ProgramData\3DIS GmbH
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\Program Files (x86)\WebViewer
2014-10-05 10:32 - 2014-10-05 10:32 - 00000901 _____ () C:\Users\Public\Desktop\QuickLOAD De-Installation.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000627 _____ () C:\Users\Public\Desktop\QuickLOAD Liste der Messläufe.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000615 _____ () C:\Users\Public\Desktop\QuickTARGET Unlimited Handbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000608 _____ () C:\Users\Public\Desktop\QuickTARGET Benutzerhandbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000604 _____ () C:\Users\Public\Desktop\QuickLOAD Benutzerhandbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000596 _____ () C:\Users\Public\Desktop\QuickLOAD Wichtig!.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000592 _____ () C:\Users\Public\Desktop\QuickTARGETUnlimited.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000577 _____ () C:\Users\Public\Desktop\QuickTARGET.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000573 _____ () C:\Users\Public\Desktop\QuickLOAD.lnk
2014-10-05 10:29 - 2014-10-05 10:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickLOAD
2014-10-05 10:29 - 2012-02-16 15:46 - 00139264 _____ (Axis Controls Ltd) C:\Windows\SysWOW64\SComm32.ocx
2014-10-05 08:46 - 2014-10-05 08:46 - 00002114 _____ () C:\Users\Gerhard\Desktop\AVG 1-Klick-Wartung.lnk
2014-10-01 09:19 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 09:19 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 16:31 - 2014-09-30 16:31 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Mobile Master
2014-09-30 14:07 - 2014-09-30 14:07 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-09-30 14:01 - 2014-10-02 13:13 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Mobile Master
2014-09-30 14:01 - 2014-09-30 14:01 - 00000000 ____D () C:\ProgramData\Mobile Master
2014-09-30 14:00 - 2014-09-30 14:00 - 00000688 _____ () C:\Users\Public\Desktop\Mobile Master.lnk
2014-09-30 14:00 - 2014-09-30 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Master
2014-09-30 13:59 - 2014-09-30 13:59 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Jumping Bytes
2014-09-30 09:59 - 2014-09-30 09:59 - 00002969 _____ () C:\Users\Public\Desktop\Nero BackItUp.lnk
2014-09-25 13:38 - 2014-09-25 13:38 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-09-24 18:56 - 2014-09-24 18:56 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-09-24 18:40 - 2014-09-24 18:40 - 00002223 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2014-09-24 18:40 - 2014-09-24 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2014-09-24 18:40 - 2014-09-04 13:23 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2014-09-24 18:40 - 2014-09-04 13:23 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2014-09-24 18:40 - 2014-09-04 13:23 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2014-09-24 18:39 - 2014-09-24 18:39 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\AVG
2014-09-24 16:55 - 2014-09-24 16:55 - 00000936 _____ () C:\Users\Public\Desktop\AVG.lnk
2014-09-24 16:55 - 2014-09-24 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2014-09-24 14:57 - 2014-10-05 09:48 - 00000000 ____D () C:\ProgramData\Avg
2014-09-24 14:57 - 2014-09-24 18:39 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-09-24 14:44 - 2014-09-24 18:39 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Avg
2014-09-24 14:44 - 2014-09-24 18:36 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\AvgSetupLog
2014-09-24 09:31 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 09:31 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 08:24 - 2014-09-24 08:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VR-IBAN-Konverter

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 16:22 - 2010-05-25 14:16 - 01547436 _____ () C:\Windows\WindowsUpdate.log
2014-10-16 16:22 - 2009-07-14 06:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-16 16:22 - 2009-07-14 06:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-16 16:12 - 2010-08-30 18:43 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-16 16:11 - 2010-06-30 10:15 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 16:09 - 2013-08-05 07:38 - 00020983 _____ () C:\Windows\setupact.log
2014-10-16 16:09 - 2010-05-27 12:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-16 16:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-16 16:08 - 2013-08-05 07:38 - 03890396 _____ () C:\Windows\PFRO.log
2014-10-16 16:08 - 2012-04-02 18:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-16 16:07 - 2010-06-30 10:15 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 15:57 - 2010-05-25 14:24 - 00000000 ____D () C:\Users\Gerhard
2014-10-16 15:51 - 2012-04-22 15:09 - 55886848 _____ () C:\Users\Gerhard\Documents\Outlook.pst
2014-10-15 20:23 - 2013-11-25 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-15 20:23 - 2013-11-25 19:18 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-15 20:23 - 2010-05-25 16:42 - 00000000 ____D () C:\ProgramData\Avira
2014-10-15 16:15 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-15 16:01 - 2013-08-05 07:38 - 00508984 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-15 15:56 - 2014-06-09 00:07 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 15:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-15 15:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 15:50 - 2010-05-25 14:36 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Corel
2014-10-15 15:37 - 2010-05-25 14:36 - 00001838 ___SH () C:\Windows\SysWOW64\KGyGaAvL.sys
2014-10-15 15:37 - 2010-05-25 14:36 - 00000000 ____D () C:\Users\Gerhard\Documents\Meine PSP-Dateien
2014-10-15 14:33 - 2010-05-25 17:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 14:15 - 2013-08-01 19:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 13:55 - 2010-05-25 19:47 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 13:43 - 2012-03-19 15:11 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\gladinet
2014-10-15 13:24 - 2010-05-25 17:07 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Microsoft Help
2014-10-14 21:45 - 2010-05-26 15:28 - 00013030 _____ () C:\Users\Public\PDOXUSRS.NET
2014-10-14 21:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-14 21:16 - 2010-09-30 20:32 - 00000000 ____D () C:\Program Files (x86)\Winload
2014-10-14 20:48 - 2013-08-04 13:24 - 00148776 _____ () C:\Users\Gerhard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-12 13:14 - 2009-07-14 19:58 - 00702942 _____ () C:\Windows\system32\perfh007.dat
2014-10-12 13:14 - 2009-07-14 19:58 - 00150582 _____ () C:\Windows\system32\perfc007.dat
2014-10-12 13:14 - 2009-07-14 07:13 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-11 17:37 - 2013-04-22 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2014-10-11 17:37 - 2013-04-22 15:18 - 00000000 ____D () C:\Program Files (x86)\MSI
2014-10-10 11:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-09 20:16 - 2011-06-25 15:15 - 00000000 ____D () C:\Temp
2014-10-09 20:16 - 2010-07-18 15:22 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-09 19:59 - 2012-01-14 15:20 - 00002924 _____ () C:\Windows\System32\Tasks\{30E14213-C4CA-4811-9144-5CF8007FFA2E}
2014-10-09 19:59 - 2011-12-23 16:24 - 00002924 _____ () C:\Windows\System32\Tasks\{FC43D33C-9413-48F6-8749-E800708016B1}
2014-10-09 19:59 - 2011-10-28 13:18 - 00002924 _____ () C:\Windows\System32\Tasks\{699649F9-5C0D-4FD7-AD24-617669546763}
2014-10-09 19:59 - 2011-10-28 13:06 - 00002924 _____ () C:\Windows\System32\Tasks\{021D9944-64AF-4BC5-A0FB-1043595DA4C9}
2014-10-09 19:59 - 2010-06-01 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-10-09 18:46 - 2010-05-27 12:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-09 18:20 - 2010-06-15 11:44 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Nero
2014-10-09 16:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-09 16:37 - 2011-06-25 18:45 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-10-09 15:57 - 2010-06-01 12:33 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Nero
2014-10-09 15:33 - 2010-06-01 12:25 - 00000000 ____D () C:\ProgramData\Nero
2014-10-08 13:32 - 2010-06-01 13:53 - 00000000 ____D () C:\VueScan
2014-10-07 20:25 - 2012-09-13 17:09 - 00000000 ____D () C:\Users\Public\Documents\Quickload
2014-10-07 11:21 - 2013-11-25 19:18 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-07 11:21 - 2013-11-25 19:18 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-07 11:21 - 2013-11-25 19:18 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-30 19:35 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-30 09:59 - 2013-10-20 13:58 - 00003726 _____ () C:\Windows\System32\Tasks\Gerhards Dateisicherung 15 0
2014-09-30 09:59 - 2010-08-25 16:19 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-09-24 08:26 - 2013-12-01 20:26 - 00000041 _____ () C:\Users\Public\IK_PosLen.dat
2014-09-24 08:24 - 2013-05-28 15:59 - 00001569 _____ () C:\Users\Public\Desktop\VR-IBAN-Konverter.lnk
2014-09-24 08:23 - 2013-05-28 15:57 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\VR-IK
2014-09-23 21:10 - 2012-04-02 18:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 21:10 - 2012-04-02 18:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 21:10 - 2011-05-20 13:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-21 15:29 - 2011-11-23 14:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00002507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Standard.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00001559 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Standard.lnk

Files to move or delete:
====================
C:\Users\Public\IK_PosLen.dat
C:\Users\Public\VR-IBAN-Konverter.dat


Some content of TEMP:
====================
C:\Users\Gerhard\AppData\Local\Temp\avgnt.exe
C:\Users\Gerhard\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\Gerhard\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\Gerhard\AppData\Local\Temp\DRHelper_uninstallComplete.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 16:07

==================== End Of Log ============================
--- --- ---

GerKK 18.10.2014 13:50
Hallo Schrauber, anbei die letzten Logs zur Auswertung. Bin jetzt für den Rest des Tages nicht mehr online, da ich meinem Sohn helfen muss. Danke vorab für deine Hilfe.

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Gerhard (administrator) on GERHARD-PC on 18-10-2014 14:02:46
Running from G:\AdwareCleaner
Loaded Profiles: Gerhard & UpdatusUser (Available profiles: Gerhard & UpdatusUser & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
() C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\FirmwareFreewareMacro.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
() E:\ORICO\ORICO Tools\IovstRouteService_win7.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
(Nuance Communications, Inc.) E:\Nuance\PaperPort\PDFProFiltSrvPP.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Trinit-Soft) E:\USB Wächter\USBWService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
() C:\Users\Gerhard\AppData\Roaming\InetStat\inetstat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(T-Com Bereich Endgeräte) E:\TOnline\OnlineControl\ocontrol.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Nuance Communications, Inc.) E:\PDF Create 7\PdfCreate7Hook.exe
(Nuance Communications, Inc.) E:\Nuance\PDFViewerPlus\pdfPro5Hook.exe
(Adobe Systems Inc.) E:\Adobe\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
() C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\LogNetRoot.exe
() C:\Windows\SysWOW64\CronODBCSprite\CronODBCSprite.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2012-03-26] (VIA Technologies, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [380760 2013-07-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => E:\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [NsPrtMon] => C:\Program Files\NewSoft\Presto! PrintCentral\NsPrtMon.exe [42832 2009-09-11] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [PMSpeed] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.01\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-09-07] ()
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [OmniPage Preload] => E:\ScanSoft18\OmniPage18.exe [2987880 2011-08-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] => E:\PDF Create 7\pdfcreate7hook.exe [605032 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => E:\PDF Create 7\RegistryController.exe [140136 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => E:\Nuance\PaperPort\IndexSearch.exe [46368 2010-02-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => E:\Nuance\PDFViewerPlus\pdfpro5hook.exe [1369376 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => E:\Nuance\PDFViewerPlus\RegistryController.exe [62752 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Adobe\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424 2014-10-09] (APN)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1104912 2014-08-20] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [KiesPDLR] => E:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [KiesPreload] => E:\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [InetStat] => C:\Users\Gerhard\AppData\Roaming\InetStat\inetstat.exe [700430 2014-10-12] ()
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [TomTomHOME.exe] => "E:\TomTom HOME 2\TomTomHOMERunner.exe"
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [KiesHelper] => E:\Samsung\Kies\KiesHelper.exe /s
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [KiesPDLR] => E:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [OpAgent] => "OpAgent.exe" /agent
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [Duden Korrektor SysTray] => E:\Duden-Rechtschreibprüfung\DKTray.exe [347792 2011-12-23] (Expert System S.p.A.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1266712 2013-06-11] (AVG Secure Search)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\MountPoints2: {a4686039-67f6-11df-a1d0-806e6f6e6963} - K:\AUTORUN.EXE
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\MountPoints2: {b0dc9a48-a89c-11e1-9d81-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-18\...\Run: [Duden Korrektor SysTray] => E:\Duden-Rechtschreibprüfung\DKTray.exe [347792 2011-12-23] (Expert System S.p.A.)
IFEO\kies.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\kiesagent.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Office-Bibliothek-Direktsuche.lnk
ShortcutTarget: Office-Bibliothek-Direktsuche.lnk -> E:\Fremdwörterlexikon\PCLib.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnlineControl.lnk
ShortcutTarget: OnlineControl.lnk -> E:\TOnline\OnlineControl\ocontrol.exe (T-Com Bereich Endgeräte)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2012 Zahlungserinnerung.lnk
ShortcutTarget: Quicken 2012 Zahlungserinnerung.lnk -> C:\Windows\Installer\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> E:\VR-NetWorld\vrtoolcheckorder.exe (VR-NetWorld Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> E:\WISO2013\mshaktuell.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:36169
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://isearch.avg.com/?cid={0D4ACC5C-38CE-4F7D-AD5E-54266212ADC2}&mid=a43a809502ad47d18075d154d43bcf47-5dc7dab7a3820688bb38cbc250ac6ec4e6c96f07&lang=de&ds=tt014&pr=sa&d=2011-12-23 13:35:12&v=12.2.5.32&sap=hp
hxxp://www.microsoft.com/windows/ie/searchguide/de-de/default.mspx?dcsref=hxxp://runonce.msn.com/runonce2.aspx#
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=BDT3&ocid=bdtdhp
URLSearchHook: HKLM-x32 - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
URLSearchHook: HKCU - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=AC0AF970-ABE5-4AE2-989D-14A6F42B02E5&apn_sauid=3107F890-C314-4F1A-B0A5-F9A477BAE173
SearchScopes: HKCU - {65D51F5B-E716-48F8-AA2B-B0851599B02B} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {8C86B2E0-AD99-4008-9A1E-8526E0B00130} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={0D4ACC5C-38CE-4F7D-AD5E-54266212ADC2}&mid=a43a809502ad47d18075d154d43bcf47-5dc7dab7a3820688bb38cbc250ac6ec4e6c96f07&lang=de&ds=tt014&pr=sa&d=2011-12-23 13:35:12&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BrowseToolE0191 Toolbar -> {40c3cc16-7269-4b32-9531-17f2950fb06f} -> C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> E:\Nuance\PDFViewerPlus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> E:\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - E:\SteganosPM12\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - E:\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> E:\Adobe\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - E:\SteganosPM12\spmplugin3
FF Extension: Steganos Password Manager - E:\SteganosPM12\spmplugin3 [2010-06-02]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-09-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - E:\Adobe\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - E:\Adobe\Acrobat\Browser\WCFirefoxExtn [2012-04-05]
FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - E:\Mobile Master\ext\1
FF Extension: Mobile Master Add-In - E:\Mobile Master\ext\1 [2014-09-30]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [806704 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [994096 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-09-20] (APN LLC.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [846864 2014-08-20] (AVG Technologies CZ, s.r.o.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 CronODBCSprite; C:\Windows\SysWOW64\CronODBCSprite\CronODBCSprite.exe [60453 2014-10-12] () [File not signed]
R2 FirmwareFreewareMacro.exe; C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\FirmwareFreewareMacro.exe [129061 2014-10-12] () [File not signed]
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29552 2011-07-26] (Gladinet, INC)
R2 IovstRouterService; E:\ORICO\ORICO Tools\IovstRouteService_win7.exe [20480 2010-12-16] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 Microsoft Office Groove Audit Service; E:\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1723856 2014-09-18] (Micro-Star International)
R2 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [273248 2014-09-24] (Nero AG)
R2 PDFProFiltSrvPP; E:\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-02-11] (Nuance Communications, Inc.)
S3 TDslMgrService; E:\TOnline\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2538808 2014-09-04] (AVG Technologies)
R2 USBWaechter; E:\USB Wächter\USBWService.exe [2403840 2010-07-10] (Trinit-Soft) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S2 HPSLPSVC; C:\Users\Gerhard\AppData\Local\Temp\7zS5C53\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-07] (Avira Operations GmbH & Co. KG)
S2 CdaC15BA; C:\Windows\SysWOW64\drivers\CDAC15BA.SYS [8864 2011-06-17] () [File not signed]
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-10-25] (Devguru Co., Ltd)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-15] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2010-05-28] (Paragon Software Group)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-11-23] (Duplex Secure Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-08-28] (TuneUp Software)
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [256000 2012-03-26] (VIA Technologies, Inc.)
S3 cpuz132; \??\C:\Users\Gerhard\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 14:02 - 2014-10-18 14:02 - 00000000 ____D () C:\FRST
2014-10-18 13:17 - 2014-10-18 13:17 - 00000020 _____ () C:\Users\Gerhard\defogger_reenable
2014-10-18 11:14 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-18 11:14 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-18 10:46 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 10:46 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 09:40 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-18 09:40 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-18 09:38 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-18 09:38 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-18 09:38 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-18 09:38 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-18 09:10 - 2014-10-18 13:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-18 09:09 - 2014-10-18 09:09 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-18 09:09 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-18 09:09 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-18 09:09 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-17 19:19 - 2014-10-17 19:19 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\CheckCode
2014-10-12 14:16 - 2014-10-12 14:16 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-10-12 14:16 - 2014-10-12 14:16 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\InetStat
2014-10-12 14:00 - 2014-10-12 14:00 - 00301608 _____ (VuuPC Limited) C:\Users\Gerhard\AppData\Local\nsc91A4.tmp
2014-10-12 14:00 - 2014-10-12 14:00 - 00000830 _____ () C:\Users\Gerhard\Desktop\Continue VuuPC Installation.lnk
2014-10-12 13:42 - 2014-10-12 14:14 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro
2014-10-12 13:42 - 2014-10-12 13:42 - 00000000 ____D () C:\Windows\SysWOW64\CronODBCSprite
2014-10-12 13:35 - 2014-10-18 12:29 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\StormWatch
2014-10-11 17:37 - 2014-10-11 17:37 - 00002041 _____ () C:\Users\Public\Desktop\MSI Live Update 6.lnk
2014-10-11 17:37 - 2014-10-11 17:37 - 00000000 ____D () C:\MSILU
2014-10-10 12:03 - 2014-10-10 12:07 - 00000000 ____D () C:\Users\Gerhard\HDR Projects
2014-10-10 12:02 - 2014-10-10 12:02 - 00000726 _____ () C:\Users\Public\Desktop\HDR Projects platin (64-Bit).lnk
2014-10-10 12:02 - 2014-10-10 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2014-10-09 20:24 - 2014-10-09 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-09 20:16 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-09 20:16 - 2014-07-02 12:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-09 18:46 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-10-09 18:46 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-09 18:46 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-09 18:46 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-10-09 18:46 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-10-09 18:46 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-09 18:46 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-09 18:46 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-09 18:46 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-10-09 18:46 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-10-09 18:46 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-10-09 18:46 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-10-09 18:46 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-09 18:46 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-09 18:46 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-09 18:46 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-09 16:34 - 2014-10-09 16:34 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-10-09 16:34 - 2014-10-09 16:34 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-10-09 16:28 - 2014-10-09 16:28 - 00000710 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-10-09 16:27 - 2013-12-30 03:54 - 00233472 _____ (Teruten) C:\Windows\SysWOW64\FsUsbExService.Exe
2014-10-09 16:27 - 2013-12-30 03:54 - 00037344 _____ () C:\Windows\SysWOW64\FsUsbExDisk.Sys
2014-10-09 16:27 - 2013-12-30 03:54 - 00037344 _____ () C:\Windows\SysWOW64\FsUsbExDisk.Sy_
2014-10-09 16:27 - 2011-11-29 17:40 - 00110592 _____ () C:\Windows\SysWOW64\FsUsbExDevice.Dll
2014-10-09 15:32 - 2014-10-09 19:57 - 00002841 _____ () C:\Users\Public\Desktop\Nero 2015.lnk
2014-10-09 15:30 - 2014-10-09 19:59 - 00002115 _____ () C:\Users\Public\Desktop\Nero MediaHome.lnk
2014-10-09 15:22 - 2014-10-09 15:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\3DIS GmbH
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebViewer
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\ProgramData\3DIS GmbH
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\Program Files (x86)\WebViewer
2014-10-05 10:32 - 2014-10-05 10:32 - 00000901 _____ () C:\Users\Public\Desktop\QuickLOAD De-Installation.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000627 _____ () C:\Users\Public\Desktop\QuickLOAD Liste der Messläufe.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000615 _____ () C:\Users\Public\Desktop\QuickTARGET Unlimited Handbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000608 _____ () C:\Users\Public\Desktop\QuickTARGET Benutzerhandbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000604 _____ () C:\Users\Public\Desktop\QuickLOAD Benutzerhandbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000596 _____ () C:\Users\Public\Desktop\QuickLOAD Wichtig!.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000592 _____ () C:\Users\Public\Desktop\QuickTARGETUnlimited.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000577 _____ () C:\Users\Public\Desktop\QuickTARGET.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000573 _____ () C:\Users\Public\Desktop\QuickLOAD.lnk
2014-10-05 10:29 - 2014-10-05 10:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickLOAD
2014-10-05 10:29 - 2012-02-16 15:46 - 00139264 _____ (Axis Controls Ltd) C:\Windows\SysWOW64\SComm32.ocx
2014-10-05 08:46 - 2014-10-05 08:46 - 00002114 _____ () C:\Users\Gerhard\Desktop\AVG 1-Klick-Wartung.lnk
2014-10-01 09:19 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 09:19 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 16:31 - 2014-09-30 16:31 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Mobile Master
2014-09-30 14:07 - 2014-09-30 14:07 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-09-30 14:01 - 2014-10-02 13:13 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Mobile Master
2014-09-30 14:01 - 2014-09-30 14:01 - 00000000 ____D () C:\ProgramData\Mobile Master
2014-09-30 14:00 - 2014-09-30 14:00 - 00000688 _____ () C:\Users\Public\Desktop\Mobile Master.lnk
2014-09-30 14:00 - 2014-09-30 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Master
2014-09-30 13:59 - 2014-09-30 13:59 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Jumping Bytes
2014-09-30 09:59 - 2014-09-30 09:59 - 00002969 _____ () C:\Users\Public\Desktop\Nero BackItUp.lnk
2014-09-25 13:38 - 2014-09-25 13:38 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-09-24 18:56 - 2014-09-24 18:56 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-09-24 18:40 - 2014-09-24 18:40 - 00002223 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2014-09-24 18:40 - 2014-09-24 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2014-09-24 18:40 - 2014-09-04 13:23 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2014-09-24 18:40 - 2014-09-04 13:23 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2014-09-24 18:40 - 2014-09-04 13:23 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2014-09-24 18:39 - 2014-09-24 18:39 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\AVG
2014-09-24 16:55 - 2014-09-24 16:55 - 00000936 _____ () C:\Users\Public\Desktop\AVG.lnk
2014-09-24 16:55 - 2014-09-24 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2014-09-24 14:57 - 2014-10-05 09:48 - 00000000 ____D () C:\ProgramData\Avg
2014-09-24 14:57 - 2014-09-24 18:39 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-09-24 14:44 - 2014-09-24 18:39 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Avg
2014-09-24 14:44 - 2014-09-24 18:36 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\AvgSetupLog
2014-09-24 09:31 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 09:31 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 08:24 - 2014-09-24 08:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VR-IBAN-Konverter

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 13:29 - 2009-07-14 06:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-18 13:29 - 2009-07-14 06:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-18 13:21 - 2010-08-30 18:43 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-18 13:20 - 2010-06-30 10:15 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-18 13:18 - 2013-08-05 07:38 - 03758278 _____ () C:\Windows\PFRO.log
2014-10-18 13:18 - 2013-08-05 07:38 - 00020423 _____ () C:\Windows\setupact.log
2014-10-18 13:18 - 2010-05-27 12:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-18 13:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-18 13:17 - 2010-05-25 14:24 - 00000000 ____D () C:\Users\Gerhard
2014-10-18 13:17 - 2010-05-25 14:16 - 01845369 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 13:08 - 2012-04-02 18:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-18 13:06 - 2010-06-30 10:15 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-18 12:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Vss
2014-10-18 12:29 - 2010-09-30 20:32 - 00000000 ____D () C:\Program Files (x86)\Winload
2014-10-18 11:55 - 2012-04-22 15:09 - 55886848 _____ () C:\Users\Gerhard\Documents\Outlook.pst
2014-10-18 11:00 - 2013-08-05 07:38 - 00505416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 10:20 - 2010-05-25 17:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-18 10:12 - 2013-08-01 19:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 10:11 - 2009-07-14 19:58 - 00702942 _____ () C:\Windows\system32\perfh007.dat
2014-10-18 10:11 - 2009-07-14 19:58 - 00150582 _____ () C:\Windows\system32\perfc007.dat
2014-10-18 10:11 - 2009-07-14 07:13 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-18 09:53 - 2010-05-25 19:47 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-17 19:42 - 2010-05-25 14:24 - 00000000 __SHD () C:\Recovery
2014-10-17 19:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-11 17:37 - 2013-04-22 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2014-10-11 17:37 - 2013-04-22 15:18 - 00000000 ____D () C:\Program Files (x86)\MSI
2014-10-11 17:07 - 2010-05-26 15:28 - 00013030 _____ () C:\Users\Public\PDOXUSRS.NET
2014-10-10 11:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-09 20:16 - 2011-06-25 15:15 - 00000000 ____D () C:\Temp
2014-10-09 20:16 - 2010-07-18 15:22 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-09 19:59 - 2012-01-14 15:20 - 00002924 _____ () C:\Windows\System32\Tasks\{30E14213-C4CA-4811-9144-5CF8007FFA2E}
2014-10-09 19:59 - 2011-12-23 16:24 - 00002924 _____ () C:\Windows\System32\Tasks\{FC43D33C-9413-48F6-8749-E800708016B1}
2014-10-09 19:59 - 2011-10-28 13:18 - 00002924 _____ () C:\Windows\System32\Tasks\{699649F9-5C0D-4FD7-AD24-617669546763}
2014-10-09 19:59 - 2011-10-28 13:06 - 00002924 _____ () C:\Windows\System32\Tasks\{021D9944-64AF-4BC5-A0FB-1043595DA4C9}
2014-10-09 19:59 - 2010-06-01 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-10-09 18:46 - 2010-05-27 12:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-09 18:20 - 2010-06-15 11:44 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Nero
2014-10-09 16:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-09 16:37 - 2011-06-25 18:45 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-10-09 15:57 - 2010-06-01 12:33 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Nero
2014-10-09 15:33 - 2010-06-01 12:25 - 00000000 ____D () C:\ProgramData\Nero
2014-10-08 13:33 - 2010-05-25 14:36 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Corel
2014-10-08 13:32 - 2010-06-01 13:53 - 00000000 ____D () C:\VueScan
2014-10-08 13:32 - 2010-05-25 14:36 - 00001838 ___SH () C:\Windows\SysWOW64\KGyGaAvL.sys
2014-10-08 13:32 - 2010-05-25 14:36 - 00000000 ____D () C:\Users\Gerhard\Documents\Meine PSP-Dateien
2014-10-07 20:25 - 2012-09-13 17:09 - 00000000 ____D () C:\Users\Public\Documents\Quickload
2014-10-07 11:21 - 2013-11-25 19:18 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-07 11:21 - 2013-11-25 19:18 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-07 11:21 - 2013-11-25 19:18 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-05 09:52 - 2013-08-04 13:24 - 00146736 _____ () C:\Users\Gerhard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-30 19:35 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-30 09:59 - 2013-10-20 13:58 - 00003726 _____ () C:\Windows\System32\Tasks\Gerhards Dateisicherung 15 0
2014-09-30 09:59 - 2010-08-25 16:19 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-09-24 08:26 - 2013-12-01 20:26 - 00000041 _____ () C:\Users\Public\IK_PosLen.dat
2014-09-24 08:24 - 2013-05-28 15:59 - 00001569 _____ () C:\Users\Public\Desktop\VR-IBAN-Konverter.lnk
2014-09-24 08:23 - 2013-05-28 15:57 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\VR-IK
2014-09-23 21:10 - 2012-04-02 18:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 21:10 - 2012-04-02 18:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 21:10 - 2011-05-20 13:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-21 15:29 - 2011-11-23 14:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00002507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Standard.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00001559 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Standard.lnk

Files to move or delete:
====================
C:\Users\Public\IK_PosLen.dat
C:\Users\Public\VR-IBAN-Konverter.dat


Some content of TEMP:
====================
C:\Users\Gerhard\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 16:07

==================== End Of Log ============================
--- --- ---

--- --- ---


Gmer LogGMER Logfile:
Code:
GMER 2.1.19357 - GMER - Rootkit Detector and Remover
Rootkit scan 2014-10-18 14:38:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 WDC_WD7501AALS-00J7B0 rev.05.00K05 698,64GB
Running: GerKK234.exe; Driver: C:\Users\Gerhard\AppData\Local\Temp\uxlirfow.sys


---- Registry - GMER 2.1 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                   
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                E:\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                0
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x83 0xAC 0x0F 0xBE ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                         
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0xA0 0x02 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                    0x05 0x7F 0xCC 0x7C ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                     
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x2C 0x49 0x79 0xC9 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)               
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                    E:\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                    0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                    0
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x83 0xAC 0x0F 0xBE ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)     
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0xA0 0x02 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                        0x05 0x7F 0xCC 0x7C ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) 
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x2C 0x49 0x79 0xC9 ...

---- EOF - GMER 2.1 ----
--- --- ---
Mfg
Gerhard

Hallo Schrauber, anbei die letzten Logs zur Auswertung. Bin jetzt für den Rest des Tages nicht mehr online, da ich meinem Sohn helfen muss. Danke vorab für deine Hilfe.

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Gerhard (administrator) on GERHARD-PC on 18-10-2014 14:02:46
Running from G:\AdwareCleaner
Loaded Profiles: Gerhard & UpdatusUser (Available profiles: Gerhard & UpdatusUser & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
() C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\FirmwareFreewareMacro.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
() E:\ORICO\ORICO Tools\IovstRouteService_win7.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
(Nuance Communications, Inc.) E:\Nuance\PaperPort\PDFProFiltSrvPP.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Trinit-Soft) E:\USB Wächter\USBWService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
() C:\Users\Gerhard\AppData\Roaming\InetStat\inetstat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(T-Com Bereich Endgeräte) E:\TOnline\OnlineControl\ocontrol.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Nuance Communications, Inc.) E:\PDF Create 7\PdfCreate7Hook.exe
(Nuance Communications, Inc.) E:\Nuance\PDFViewerPlus\pdfPro5Hook.exe
(Adobe Systems Inc.) E:\Adobe\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
() C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\LogNetRoot.exe
() C:\Windows\SysWOW64\CronODBCSprite\CronODBCSprite.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2012-03-26] (VIA Technologies, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [380760 2013-07-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => E:\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [NsPrtMon] => C:\Program Files\NewSoft\Presto! PrintCentral\NsPrtMon.exe [42832 2009-09-11] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [PMSpeed] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.01\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-09-07] ()
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [OmniPage Preload] => E:\ScanSoft18\OmniPage18.exe [2987880 2011-08-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] => E:\PDF Create 7\pdfcreate7hook.exe [605032 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => E:\PDF Create 7\RegistryController.exe [140136 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => E:\Nuance\PaperPort\IndexSearch.exe [46368 2010-02-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => E:\Nuance\PDFViewerPlus\pdfpro5hook.exe [1369376 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => E:\Nuance\PDFViewerPlus\RegistryController.exe [62752 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Adobe\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424 2014-10-09] (APN)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1104912 2014-08-20] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [KiesPDLR] => E:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [KiesPreload] => E:\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [InetStat] => C:\Users\Gerhard\AppData\Roaming\InetStat\inetstat.exe [700430 2014-10-12] ()
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [TomTomHOME.exe] => "E:\TomTom HOME 2\TomTomHOMERunner.exe"
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [KiesHelper] => E:\Samsung\Kies\KiesHelper.exe /s
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [KiesPDLR] => E:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [OpAgent] => "OpAgent.exe" /agent
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [Duden Korrektor SysTray] => E:\Duden-Rechtschreibprüfung\DKTray.exe [347792 2011-12-23] (Expert System S.p.A.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1266712 2013-06-11] (AVG Secure Search)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\MountPoints2: {a4686039-67f6-11df-a1d0-806e6f6e6963} - K:\AUTORUN.EXE
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\MountPoints2: {b0dc9a48-a89c-11e1-9d81-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-18\...\Run: [Duden Korrektor SysTray] => E:\Duden-Rechtschreibprüfung\DKTray.exe [347792 2011-12-23] (Expert System S.p.A.)
IFEO\kies.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\kiesagent.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Office-Bibliothek-Direktsuche.lnk
ShortcutTarget: Office-Bibliothek-Direktsuche.lnk -> E:\Fremdwörterlexikon\PCLib.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnlineControl.lnk
ShortcutTarget: OnlineControl.lnk -> E:\TOnline\OnlineControl\ocontrol.exe (T-Com Bereich Endgeräte)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2012 Zahlungserinnerung.lnk
ShortcutTarget: Quicken 2012 Zahlungserinnerung.lnk -> C:\Windows\Installer\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> E:\VR-NetWorld\vrtoolcheckorder.exe (VR-NetWorld Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> E:\WISO2013\mshaktuell.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:36169
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://isearch.avg.com/?cid={0D4ACC5C-38CE-4F7D-AD5E-54266212ADC2}&mid=a43a809502ad47d18075d154d43bcf47-5dc7dab7a3820688bb38cbc250ac6ec4e6c96f07&lang=de&ds=tt014&pr=sa&d=2011-12-23 13:35:12&v=12.2.5.32&sap=hp
hxxp://www.microsoft.com/windows/ie/searchguide/de-de/default.mspx?dcsref=hxxp://runonce.msn.com/runonce2.aspx#
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=BDT3&ocid=bdtdhp
URLSearchHook: HKLM-x32 - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
URLSearchHook: HKCU - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=AC0AF970-ABE5-4AE2-989D-14A6F42B02E5&apn_sauid=3107F890-C314-4F1A-B0A5-F9A477BAE173
SearchScopes: HKCU - {65D51F5B-E716-48F8-AA2B-B0851599B02B} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {8C86B2E0-AD99-4008-9A1E-8526E0B00130} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={0D4ACC5C-38CE-4F7D-AD5E-54266212ADC2}&mid=a43a809502ad47d18075d154d43bcf47-5dc7dab7a3820688bb38cbc250ac6ec4e6c96f07&lang=de&ds=tt014&pr=sa&d=2011-12-23 13:35:12&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BrowseToolE0191 Toolbar -> {40c3cc16-7269-4b32-9531-17f2950fb06f} -> C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> E:\Nuance\PDFViewerPlus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> E:\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - E:\SteganosPM12\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - E:\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> E:\Adobe\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - E:\SteganosPM12\spmplugin3
FF Extension: Steganos Password Manager - E:\SteganosPM12\spmplugin3 [2010-06-02]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-09-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - E:\Adobe\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - E:\Adobe\Acrobat\Browser\WCFirefoxExtn [2012-04-05]
FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - E:\Mobile Master\ext\1
FF Extension: Mobile Master Add-In - E:\Mobile Master\ext\1 [2014-09-30]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [806704 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [994096 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-09-20] (APN LLC.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [846864 2014-08-20] (AVG Technologies CZ, s.r.o.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 CronODBCSprite; C:\Windows\SysWOW64\CronODBCSprite\CronODBCSprite.exe [60453 2014-10-12] () [File not signed]
R2 FirmwareFreewareMacro.exe; C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\FirmwareFreewareMacro.exe [129061 2014-10-12] () [File not signed]
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29552 2011-07-26] (Gladinet, INC)
R2 IovstRouterService; E:\ORICO\ORICO Tools\IovstRouteService_win7.exe [20480 2010-12-16] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 Microsoft Office Groove Audit Service; E:\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1723856 2014-09-18] (Micro-Star International)
R2 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [273248 2014-09-24] (Nero AG)
R2 PDFProFiltSrvPP; E:\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-02-11] (Nuance Communications, Inc.)
S3 TDslMgrService; E:\TOnline\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2538808 2014-09-04] (AVG Technologies)
R2 USBWaechter; E:\USB Wächter\USBWService.exe [2403840 2010-07-10] (Trinit-Soft) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S2 HPSLPSVC; C:\Users\Gerhard\AppData\Local\Temp\7zS5C53\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-07] (Avira Operations GmbH & Co. KG)
S2 CdaC15BA; C:\Windows\SysWOW64\drivers\CDAC15BA.SYS [8864 2011-06-17] () [File not signed]
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-10-25] (Devguru Co., Ltd)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-15] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2010-05-28] (Paragon Software Group)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-11-23] (Duplex Secure Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-08-28] (TuneUp Software)
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [256000 2012-03-26] (VIA Technologies, Inc.)
S3 cpuz132; \??\C:\Users\Gerhard\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 14:02 - 2014-10-18 14:02 - 00000000 ____D () C:\FRST
2014-10-18 13:17 - 2014-10-18 13:17 - 00000020 _____ () C:\Users\Gerhard\defogger_reenable
2014-10-18 11:14 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-18 11:14 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-18 10:46 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 10:46 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 09:40 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-18 09:40 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-18 09:38 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-18 09:38 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-18 09:38 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-18 09:38 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-18 09:10 - 2014-10-18 13:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-18 09:09 - 2014-10-18 09:09 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-18 09:09 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-18 09:09 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-18 09:09 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-17 19:19 - 2014-10-17 19:19 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\CheckCode
2014-10-12 14:16 - 2014-10-12 14:16 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-10-12 14:16 - 2014-10-12 14:16 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\InetStat
2014-10-12 14:00 - 2014-10-12 14:00 - 00301608 _____ (VuuPC Limited) C:\Users\Gerhard\AppData\Local\nsc91A4.tmp
2014-10-12 14:00 - 2014-10-12 14:00 - 00000830 _____ () C:\Users\Gerhard\Desktop\Continue VuuPC Installation.lnk
2014-10-12 13:42 - 2014-10-12 14:14 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro
2014-10-12 13:42 - 2014-10-12 13:42 - 00000000 ____D () C:\Windows\SysWOW64\CronODBCSprite
2014-10-12 13:35 - 2014-10-18 12:29 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\StormWatch
2014-10-11 17:37 - 2014-10-11 17:37 - 00002041 _____ () C:\Users\Public\Desktop\MSI Live Update 6.lnk
2014-10-11 17:37 - 2014-10-11 17:37 - 00000000 ____D () C:\MSILU
2014-10-10 12:03 - 2014-10-10 12:07 - 00000000 ____D () C:\Users\Gerhard\HDR Projects
2014-10-10 12:02 - 2014-10-10 12:02 - 00000726 _____ () C:\Users\Public\Desktop\HDR Projects platin (64-Bit).lnk
2014-10-10 12:02 - 2014-10-10 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2014-10-09 20:24 - 2014-10-09 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-09 20:16 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-09 20:16 - 2014-07-02 12:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-09 18:46 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-10-09 18:46 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-09 18:46 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-09 18:46 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-10-09 18:46 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-10-09 18:46 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-09 18:46 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-09 18:46 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-09 18:46 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-10-09 18:46 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-10-09 18:46 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-10-09 18:46 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-10-09 18:46 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-09 18:46 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-09 18:46 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-09 18:46 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-09 16:34 - 2014-10-09 16:34 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-10-09 16:34 - 2014-10-09 16:34 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-10-09 16:28 - 2014-10-09 16:28 - 00000710 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-10-09 16:27 - 2013-12-30 03:54 - 00233472 _____ (Teruten) C:\Windows\SysWOW64\FsUsbExService.Exe
2014-10-09 16:27 - 2013-12-30 03:54 - 00037344 _____ () C:\Windows\SysWOW64\FsUsbExDisk.Sys
2014-10-09 16:27 - 2013-12-30 03:54 - 00037344 _____ () C:\Windows\SysWOW64\FsUsbExDisk.Sy_
2014-10-09 16:27 - 2011-11-29 17:40 - 00110592 _____ () C:\Windows\SysWOW64\FsUsbExDevice.Dll
2014-10-09 15:32 - 2014-10-09 19:57 - 00002841 _____ () C:\Users\Public\Desktop\Nero 2015.lnk
2014-10-09 15:30 - 2014-10-09 19:59 - 00002115 _____ () C:\Users\Public\Desktop\Nero MediaHome.lnk
2014-10-09 15:22 - 2014-10-09 15:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\3DIS GmbH
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebViewer
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\ProgramData\3DIS GmbH
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\Program Files (x86)\WebViewer
2014-10-05 10:32 - 2014-10-05 10:32 - 00000901 _____ () C:\Users\Public\Desktop\QuickLOAD De-Installation.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000627 _____ () C:\Users\Public\Desktop\QuickLOAD Liste der Messläufe.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000615 _____ () C:\Users\Public\Desktop\QuickTARGET Unlimited Handbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000608 _____ () C:\Users\Public\Desktop\QuickTARGET Benutzerhandbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000604 _____ () C:\Users\Public\Desktop\QuickLOAD Benutzerhandbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000596 _____ () C:\Users\Public\Desktop\QuickLOAD Wichtig!.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000592 _____ () C:\Users\Public\Desktop\QuickTARGETUnlimited.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000577 _____ () C:\Users\Public\Desktop\QuickTARGET.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000573 _____ () C:\Users\Public\Desktop\QuickLOAD.lnk
2014-10-05 10:29 - 2014-10-05 10:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickLOAD
2014-10-05 10:29 - 2012-02-16 15:46 - 00139264 _____ (Axis Controls Ltd) C:\Windows\SysWOW64\SComm32.ocx
2014-10-05 08:46 - 2014-10-05 08:46 - 00002114 _____ () C:\Users\Gerhard\Desktop\AVG 1-Klick-Wartung.lnk
2014-10-01 09:19 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 09:19 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 16:31 - 2014-09-30 16:31 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Mobile Master
2014-09-30 14:07 - 2014-09-30 14:07 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-09-30 14:01 - 2014-10-02 13:13 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Mobile Master
2014-09-30 14:01 - 2014-09-30 14:01 - 00000000 ____D () C:\ProgramData\Mobile Master
2014-09-30 14:00 - 2014-09-30 14:00 - 00000688 _____ () C:\Users\Public\Desktop\Mobile Master.lnk
2014-09-30 14:00 - 2014-09-30 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Master
2014-09-30 13:59 - 2014-09-30 13:59 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Jumping Bytes
2014-09-30 09:59 - 2014-09-30 09:59 - 00002969 _____ () C:\Users\Public\Desktop\Nero BackItUp.lnk
2014-09-25 13:38 - 2014-09-25 13:38 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-09-24 18:56 - 2014-09-24 18:56 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-09-24 18:40 - 2014-09-24 18:40 - 00002223 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2014-09-24 18:40 - 2014-09-24 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2014-09-24 18:40 - 2014-09-04 13:23 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2014-09-24 18:40 - 2014-09-04 13:23 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2014-09-24 18:40 - 2014-09-04 13:23 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2014-09-24 18:39 - 2014-09-24 18:39 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\AVG
2014-09-24 16:55 - 2014-09-24 16:55 - 00000936 _____ () C:\Users\Public\Desktop\AVG.lnk
2014-09-24 16:55 - 2014-09-24 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2014-09-24 14:57 - 2014-10-05 09:48 - 00000000 ____D () C:\ProgramData\Avg
2014-09-24 14:57 - 2014-09-24 18:39 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-09-24 14:44 - 2014-09-24 18:39 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Avg
2014-09-24 14:44 - 2014-09-24 18:36 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\AvgSetupLog
2014-09-24 09:31 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 09:31 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 08:24 - 2014-09-24 08:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VR-IBAN-Konverter

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 13:29 - 2009-07-14 06:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-18 13:29 - 2009-07-14 06:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-18 13:21 - 2010-08-30 18:43 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-18 13:20 - 2010-06-30 10:15 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-18 13:18 - 2013-08-05 07:38 - 03758278 _____ () C:\Windows\PFRO.log
2014-10-18 13:18 - 2013-08-05 07:38 - 00020423 _____ () C:\Windows\setupact.log
2014-10-18 13:18 - 2010-05-27 12:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-18 13:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-18 13:17 - 2010-05-25 14:24 - 00000000 ____D () C:\Users\Gerhard
2014-10-18 13:17 - 2010-05-25 14:16 - 01845369 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 13:08 - 2012-04-02 18:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-18 13:06 - 2010-06-30 10:15 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-18 12:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Vss
2014-10-18 12:29 - 2010-09-30 20:32 - 00000000 ____D () C:\Program Files (x86)\Winload
2014-10-18 11:55 - 2012-04-22 15:09 - 55886848 _____ () C:\Users\Gerhard\Documents\Outlook.pst
2014-10-18 11:00 - 2013-08-05 07:38 - 00505416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 10:20 - 2010-05-25 17:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-18 10:12 - 2013-08-01 19:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 10:11 - 2009-07-14 19:58 - 00702942 _____ () C:\Windows\system32\perfh007.dat
2014-10-18 10:11 - 2009-07-14 19:58 - 00150582 _____ () C:\Windows\system32\perfc007.dat
2014-10-18 10:11 - 2009-07-14 07:13 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-18 09:53 - 2010-05-25 19:47 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-17 19:42 - 2010-05-25 14:24 - 00000000 __SHD () C:\Recovery
2014-10-17 19:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-11 17:37 - 2013-04-22 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2014-10-11 17:37 - 2013-04-22 15:18 - 00000000 ____D () C:\Program Files (x86)\MSI
2014-10-11 17:07 - 2010-05-26 15:28 - 00013030 _____ () C:\Users\Public\PDOXUSRS.NET
2014-10-10 11:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-09 20:16 - 2011-06-25 15:15 - 00000000 ____D () C:\Temp
2014-10-09 20:16 - 2010-07-18 15:22 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-09 19:59 - 2012-01-14 15:20 - 00002924 _____ () C:\Windows\System32\Tasks\{30E14213-C4CA-4811-9144-5CF8007FFA2E}
2014-10-09 19:59 - 2011-12-23 16:24 - 00002924 _____ () C:\Windows\System32\Tasks\{FC43D33C-9413-48F6-8749-E800708016B1}
2014-10-09 19:59 - 2011-10-28 13:18 - 00002924 _____ () C:\Windows\System32\Tasks\{699649F9-5C0D-4FD7-AD24-617669546763}
2014-10-09 19:59 - 2011-10-28 13:06 - 00002924 _____ () C:\Windows\System32\Tasks\{021D9944-64AF-4BC5-A0FB-1043595DA4C9}
2014-10-09 19:59 - 2010-06-01 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-10-09 18:46 - 2010-05-27 12:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-09 18:20 - 2010-06-15 11:44 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Nero
2014-10-09 16:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-09 16:37 - 2011-06-25 18:45 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-10-09 15:57 - 2010-06-01 12:33 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Nero
2014-10-09 15:33 - 2010-06-01 12:25 - 00000000 ____D () C:\ProgramData\Nero
2014-10-08 13:33 - 2010-05-25 14:36 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Corel
2014-10-08 13:32 - 2010-06-01 13:53 - 00000000 ____D () C:\VueScan
2014-10-08 13:32 - 2010-05-25 14:36 - 00001838 ___SH () C:\Windows\SysWOW64\KGyGaAvL.sys
2014-10-08 13:32 - 2010-05-25 14:36 - 00000000 ____D () C:\Users\Gerhard\Documents\Meine PSP-Dateien
2014-10-07 20:25 - 2012-09-13 17:09 - 00000000 ____D () C:\Users\Public\Documents\Quickload
2014-10-07 11:21 - 2013-11-25 19:18 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-07 11:21 - 2013-11-25 19:18 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-07 11:21 - 2013-11-25 19:18 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-05 09:52 - 2013-08-04 13:24 - 00146736 _____ () C:\Users\Gerhard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-30 19:35 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-30 09:59 - 2013-10-20 13:58 - 00003726 _____ () C:\Windows\System32\Tasks\Gerhards Dateisicherung 15 0
2014-09-30 09:59 - 2010-08-25 16:19 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-09-24 08:26 - 2013-12-01 20:26 - 00000041 _____ () C:\Users\Public\IK_PosLen.dat
2014-09-24 08:24 - 2013-05-28 15:59 - 00001569 _____ () C:\Users\Public\Desktop\VR-IBAN-Konverter.lnk
2014-09-24 08:23 - 2013-05-28 15:57 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\VR-IK
2014-09-23 21:10 - 2012-04-02 18:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 21:10 - 2012-04-02 18:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 21:10 - 2011-05-20 13:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-21 15:29 - 2011-11-23 14:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00002507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Standard.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00001559 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Standard.lnk

Files to move or delete:
====================
C:\Users\Public\IK_PosLen.dat
C:\Users\Public\VR-IBAN-Konverter.dat


Some content of TEMP:
====================
C:\Users\Gerhard\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 16:07

==================== End Of Log ============================
--- --- ---

--- --- ---


Gmer Log
GMER Logfile:
Code:
GMER 2.1.19357 - GMER - Rootkit Detector and Remover
Rootkit scan 2014-10-18 14:38:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 WDC_WD7501AALS-00J7B0 rev.05.00K05 698,64GB
Running: GerKK234.exe; Driver: C:\Users\Gerhard\AppData\Local\Temp\uxlirfow.sys


---- Registry - GMER 2.1 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                   
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                E:\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                0
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x83 0xAC 0x0F 0xBE ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                         
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0xA0 0x02 0x00 0x00 ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                    0x05 0x7F 0xCC 0x7C ...
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                     
Reg  HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x2C 0x49 0x79 0xC9 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)               
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                    E:\DAEMON Tools Lite\
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                    0x00 0x00 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                    0
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x83 0xAC 0x0F 0xBE ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)     
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0xA0 0x02 0x00 0x00 ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                        0x05 0x7F 0xCC 0x7C ...
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) 
Reg  HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x2C 0x49 0x79 0xC9 ...

---- EOF - GMER 2.1 ----
--- --- ---
Mfg
Gerhard

schrauber 19.10.2014 08:25
Es fehlt immer noch die Addition.txt von FRST, dafür hast Du jetzt 4mal Gmer und FRST.txt gepostet.

Ruhig bleiben, durchatmen, richtig lesen und nur das machen was ich poste :)

GerKK 19.10.2014 11:47
Hallo Schrauber, sorry, aber Leuten die so etwas entwickeln, sollte das Handwerk gelegt werden.- Anbei die Addition.txt.
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-10-2014 02
Ran by Gerhard at 2014-10-16 13:21:04
Running from G:\AdwareCleaner
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
3D Haus Design Studio - Professional Edition - (HKLM-x32\...\3D Haus Design Studio_is1) (Version:  - Avanquest Deutschland GmbH)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABC Amber Audio Converter (HKLM-x32\...\ABC Amber Audio Converter) (Version:  - )
Accent OFFICE Password Recovery 4.0 (HKLM-x32\...\Accent OFFICE Password Recovery_is1) (Version: 4.0 - AccentSoft Team)
Adobe Acrobat X Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.303.433 - ALPS ELECTRIC CO., LTD.)
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.23 - Avanquest Software)
AVG (HKLM\...\AvgZen) (Version: 1.0.329 - AVG Technologies)
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.105 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.105 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.105 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
AVG Zen (Version: 1.0.329 - AVG Technologies) Hidden
Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C1200}) (Version: 12.18.0.3053 - APN, LLC)
BDE eXpress Windows 7 (HKLM-x32\...\BDE eXpress Windows 7) (Version:  - )
BenVista PhotoZoom Classic 4.1.2 (HKLM-x32\...\PhotoZoom Classic 4) (Version: 4.1.2 - BenVista Ltd.)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.171.0 - Microsoft Corporation)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.3.1.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon RAW Codec (HKLM-x32\...\Canon RAW Codec) (Version: 1.7.0.56 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.4.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.1.0.11 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
Caplio Software (HKLM-x32\...\{5BC1F10D-6A7A-41AE-AC7C-6BD454204729}) (Version:  - )
Cherry SmartCardKeyboard V2.6 Build 2 (HKLM-x32\...\{12D10938-BB15-11D4-A32B-00010211A886}) (Version: 2.6.2.0 - Cherry)
Corel Graphics Suite 11 (HKLM-x32\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
Corel Graphics Suite 11 (x32 Version: 11 - Corel Corporation) Hidden
Corel Paint Shop Pro Photo XI (HKLM-x32\...\{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}) (Version: 11.00.0000 - Corel Inc)
Corel Snapfire (HKLM-x32\...\{0EE4030A-8FD4-4798-A21D-17E525B1F7CF}) (Version: 1.00.0000 - Ihr Firmenname)
Creo Elements/Direct Modeling Personal Edition 3.0 ( x64 ) (HKLM\...\{1218162D-656E-4074-9201-B29EA22FDA4B}) (Version: 30.0.3014 - Parametric Technology GmbH)
Curitel Packet Service Software (HKLM-x32\...\Curitel Packet Service) (Version:  - )
Cut Out 4.0 (HKLM\...\Cut Out 4_is1) (Version:  - Franzis.de)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Daten-Retter (HKLM-x32\...\Daten-Retter_Daten-Retter_is1) (Version:  - Spotmau, Inc.)
DDBAC (HKLM-x32\...\{450008C6-3722-4214-AB4F-9E45B57CB422}) (Version: 4.3.71 - DataDesign)
DDBAC (HKLM-x32\...\{8DD59B6E-6FC4-4CDC-896D-2FDF19CBE70B}) (Version: 4.3.64 - DataDesign)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
DesignCAD 3D Max 20 (HKLM-x32\...\{B247B144-6B56-499A-9080-5856C800E937}) (Version: 20.0.0 - IMSIDesign)
Dietrich's AG PlanCAD-L (HKLM-x32\...\{B64B2351-10AE-4890-9D5E-F9BDC292801D}_is1) (Version: 10.02 - Dietrich's AG)
Dr. Regener Landkarte Vivo (HKLM-x32\...\Dr. Regener Landkarte Vivo) (Version:  - )
Dr. Regener Streckenbuch Vista (HKLM-x32\...\Dr. Regener Streckenbuch Vista) (Version:  - )
DriverTuner 3.1.0.1 (HKLM-x32\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.1 - LionSea SoftWare)
DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version:  - )
Duden-Rechtschreibprüfung PLUS (HKLM-x32\...\{45C5C113-AD43-414B-867D-7C0AF54276CB}) (Version: 8.031.31 - Bibliographisches Institut GmbH)
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
EPSON Smart Panel (HKLM-x32\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version: 4.00.00 - )
EPSON TWAIN 5 (HKLM-x32\...\{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}) (Version: 5.71.0000 - SEIKO EPSON Corp.)
Excel Code Jeanie.1.00 (HKLM-x32\...\Excel Code Jeanie_is1) (Version: 1.00 - )
eXPert PDF 6 (HKLM-x32\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 6.31 - Avanquest software)
FloorPlan 3D V.11 (HKLM-x32\...\{E10BDC79-401E-47AC-8011-FFF1D4AFFB21}) (Version: 11.0 - IMSI)
FMW 1 (Version: 1.0.230 - AVG Technologies) Hidden
Formblitz AG - Formbox (HKLM-x32\...\de.formblitz.formbox) (Version: 0.9.12 - FORMBLITZ AG)
Formblitz AG - Formbox (x32 Version: 0.9.12 - FORMBLITZ AG) Hidden
Free Word Excel Password Wizard (HKLM-x32\...\{2EB44B16-05EF-42FD-9300-A85CDEF60864}) (Version: 1.0.0 - www.freewordexcelpassword.com)
Geogrid® DPV (HKLM-x32\...\Geogrid_DPV) (Version:  - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HDR Projects platin (64-Bit) (HKLM\...\HDR Projects platin_is1) (Version: 1.23 - Franzis Verlag GmbH)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Inkscape 0.48.2 (HKLM-x32\...\Inkscape) (Version: 0.48.2 - )
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Kalender-Excel-8.8 (HKLM-x32\...\Kalender-Excel-8.8_is1) (Version: 8.8 - MSDatec)
Lexware Info Service (HKLM-x32\...\{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}) (Version: 2.70.00.0081 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM-x32\...\{C908A5AC-4F61-4B9A-8A51-48B5696C53B1}) (Version: 12.00.00.0043 - Haufe-Lexware GmbH & Co.KG)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
LogoMaker 3.0 (HKLM-x32\...\LogoMaker_is1) (Version:  - Studio V5)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Remote (HKLM-x32\...\{21550042-EA9F-4419-A8D7-DF732DCEB76E}) (Version: 1.0.7252.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesignerR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
MilGeo-PCMAP (x32 Version: 4.40.000 - EADS Deutschland GmbH) Hidden
MilGeo-PCMAP 4.4 (HKLM-x32\...\{C06B4D88-2D6E-469C-B3A3-54FCAEFFCE66}) (Version: 4.40.000 - EADS Deutschland GmbH)
Mobile Master (x32 Version: 8.9.4 - Jumping Bytes) Hidden
Mobile Master 8.9.4 (HKLM-x32\...\Mobile Master) (Version: 8.9.4 - Jumping Bytes)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.010 - MSI)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MultiMedia Disk (HKLM-x32\...\{68971113-FA43-4B5C-8243-C5F7EC77BB5E}) (Version:  - )
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Nero 2015 (HKLM-x32\...\{763EF8DC-4CC0-47CA-BE1C-BDE731462250}) (Version: 16.0.02900 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero Abstract Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (HKLM-x32\...\{0450A697-C87E-42C2-9331-29E19901F72A}) (Version: 15.2.6.22 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero Blu-ray Player (x32 Version: 12.1.20081 - Nero AG) Hidden
Nero Burning Core (x32 Version: 16.0.11000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 16.0.11000 - Nero AG) Hidden
Nero Cliparts (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.2.0008 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.4.0013 - Nero AG) Hidden
Nero Device Updates (x32 Version: 15.0.1002 - Nero AG) Hidden
Nero Device Updates (x32 Version: 16.0.2000 - Nero AG) Hidden
Nero Disc Menus 1 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus 2 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus 3 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc to Device (x32 Version: 16.0.1007 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Express (x32 Version: 16.0.11000 - Nero AG) Hidden
Nero Family and Events Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Football (Soccer) Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Holiday and Sports Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Image Samples (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Info (x32 Version: 16.0.1003 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{24A500E4-0B12-4D62-9973-2C7E23CCA750}) (Version: 11.0.16401 - Nero AG)
Nero Kwik Themes Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Launcher (x32 Version: 16.0.9000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.26.7400 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero PiP Effects 1 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Platinum Effects 12 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Prerequisite Installer 1.0 (HKLM-x32\...\{AFD1BFF3-FE02-47BB-8F45-739D46AEA2BC}) (Version: 11.0.12700 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{2D510AEB-E37D-4B5D-B168-C9C49E3F58C5}) (Version: 12.0.01500 - Nero AG)
Nero Recode (x32 Version: 16.0.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 16.0.3000 - Nero AG) Hidden
Nero Retro Film Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.16006 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video (x32 Version: 16.0.4000 - Nero AG) Hidden
Nero Video Samples (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Video Transitions 1 (x32 Version: 16.0.10002 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20014 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Nuance Cloud Connector (HKLM-x32\...\{DE7C1B86-27EF-4D02-886E-17CC3458034B}) (Version: 3.2.713 - Nuance Communications, Inc.)
Nuance OmniPage 18 (HKLM-x32\...\{74D199FC-CEFB-45AF-B364-754E1A75220E}) (Version: 18.1.0000 - Nuance Communications, Inc.)
Nuance PaperPort 12 (HKLM-x32\...\{69192731-44E6-4C08-B0A3-66174478B9E3}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Create 7 (HKLM\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc)
Nuance PDF Viewer Plus (HKLM-x32\...\{EC00862A-C16F-4ED0-BC06-34538512E730}) (Version: 5.30.3296 - Nuance Communications, Inc)
NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1150 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
Office-Bibliothek 4.1 (HKLM-x32\...\{54971F17-9D16-4D43-95D6-3A86E3D20EDB}) (Version:  - )
OnlineControl 1.1 (HKLM-x32\...\OnlineControl_is1) (Version: 1.1.22 - Deutsche Telekom AG T-Com)
ORICO Tools 2.0.2.4 (HKLM-x32\...\ORICO Tools) (Version: 2.0.2.4 - ORICO)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Paragon Partition Manager™ 11 Personal (HKLM-x32\...\{986A654F-F1E4-11DD-9FCA-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Suite (HKLM-x32\...\{5598CA96-EFA4-4AFE-BB8E-C91CF778CEC4}) (Version: 1.0 - O2)
PC Suite (x32 Version: 1.0 - O2) Hidden
PDF Password Remover v3.0 (HKLM-x32\...\PDF Password Remover v3.0_is1) (Version:  - VeryPDF.com Inc)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
Platform (x32 Version: 1.38 - VIA Technologies, Inc.) Hidden
Prerequisite installer (x32 Version: 12.0.0005 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
Presto! BizCard 6 (HKLM-x32\...\{4F9D15B4-0F57-4B84-94AE-C1286C8D4443}) (Version: 6.10.10 - NewSoft Technology Corporation)
Presto! BizCard 6 (x32 Version: 6.10.10 - NewSoft) Hidden
Presto! PageManager 9.01 SE (HKLM-x32\...\{01BE175C-02D1-45E6-9610-7E3D0178191D}) (Version: 9.01.31 - Newsoft Technology Corporation)
Presto! PrintCentral (HKLM-x32\...\{A4FB2418-C84E-49A2-B7FE-48D71B54C1DF}) (Version: 1.00.02 - NewSoft Technology Corporation)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Quicken DELUXE 2012 (HKLM-x32\...\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}) (Version: 19.36.00.0165 - Haufe-Lexware GmbH & Co.KG)
Quicken Import Export Server 2012 (HKLM-x32\...\{7FC74607-ED6E-49C3-87FA-56B50A2EE158}) (Version: 19.30.00.0134 - Haufe-Lexware GmbH & Co.KG)
QuickLOAD (HKLM-x32\...\ST5UNST #1) (Version:  - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.1.0.11112_41 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.1.0.11112_41 - Samsung Electronics Co., Ltd.) Hidden
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden
Silicon Laboratories CP210x VCP Drivers for Windows 7 (HKLM-x32\...\{93AF2822-B19D-45BE-BF50-DE5C5FB2B7A4}) (Version: 5.40.24 - Silicon Laboratories, Inc.)
SmartTools Publishing • Access Berichte-Verteiler (HKLM-x32\...\SmartToolsBerichte-Verteilerv2.00) (Version: v2.00 - SmartTools Publishing)
SmartTools Publishing • Access Kalender-ActiveX (HKLM-x32\...\SmartToolsKalender-ActiveXv1.00) (Version: v1.00 - SmartTools Publishing)
SmartTools Publishing • Access SQL aus Abfragen (HKLM-x32\...\SmartToolsSQL aus Abfragenv3.00) (Version: v3.00 - SmartTools Publishing)
SmartTools Publishing • Access Zahl in Worten (HKLM-x32\...\SmartToolsZahl in Wortenv2.50) (Version: v2.50 - SmartTools Publishing)
SmartTools Publishing • Best of Excel Weekly, Vol 2 (HKLM-x32\...\SmartToolsBest of Excel Weekly, Vol 2v2.00) (Version: v2.00 - SmartTools Publishing)
SmartTools Publishing • Excel EM-Tipp 2012 (HKLM-x32\...\SmartToolsEM-Tipp 2012v3.00) (Version: v3.00 - SmartTools Publishing)
SmartTools Publishing • Excel Jahresplan (HKLM-x32\...\SmartToolsJahresplanv3.00) (Version: v3.00 - SmartTools Publishing)
SmartTools Publishing • Excel MapMerger (HKLM-x32\...\SmartToolsMapMergerv3.00) (Version: v3.00 - SmartTools Publishing)
SmartTools Publishing • Excel MapNotes (HKLM-x32\...\SmartToolsMapNotesv2.00) (Version: v2.00 - SmartTools Publishing)
SmartTools Publishing • Excel Mini-Kalender (HKLM-x32\...\SmartToolsMini-Kalenderv2.00) (Version: v2.00 - SmartTools Publishing)
SmartTools Publishing • Excel Projektplan (HKLM-x32\...\SmartToolsProjektplanv2.00) (Version: v2.00 - SmartTools Publishing)
SmartTools Publishing • Excel Spalten-Assistent (HKLM-x32\...\SmartToolsSpalten-Assistentv1.50) (Version: v1.50 - SmartTools Publishing)
SmartTools Publishing • Excel WM-Tipp 2010 (HKLM-x32\...\SmartToolsWM-Tipp 2010v1.00) (Version: v1.00 - SmartTools Publishing)
SmartTools Publishing • Excel Wochenplan 2011, 2012 (HKLM-x32\...\SmartToolsWochenplan 2011, 2012v1.00) (Version: v1.00 - SmartTools Publishing)
SmartTools Publishing • Outlook Feiertags- und Ferien-Assistent (HKLM-x32\...\SmartToolsFeiertags- und Ferien-Assistentv4.00) (Version: v4.00 - SmartTools Publishing)
SmartTools Publishing • Word Briefassistenten (HKLM-x32\...\SmartToolsBriefassistentenv1.00) (Version: v1.00 - SmartTools Publishing)
SmartTools Publishing • Word Kalender-Assistent (HKLM-x32\...\SmartToolsKalender-Assistentv5.00) (Version: v5.00 - SmartTools Publishing)
SmartTools Publishing • Word Kalender-Assistent (HKLM-x32\...\SmartToolsKalender-Assistentv6.00) (Version: v6.00 - SmartTools Publishing)
SmartTools Publishing • Word Kalender-Assistent 2013 (HKLM-x32\...\SmartToolsKalender-Assistent 2013v7.00) (Version: v7.00 - SmartTools Publishing)
SmartTools Publishing • Word Shortcut-Referenz (HKLM-x32\...\SmartToolsShortcut-Referenzv1.00) (Version: v1.00 - SmartTools Publishing)
sPlan 6.0 (HKLM-x32\...\sPlan_60_is1) (Version:  - )
Steganos Password Manager 12 (HKLM-x32\...\{C009A918-0C06-45B3-AEF6-B1057307A643}) (Version: 12.0.6 - Steganos Software GmbH)
Sun-Moon-Calendar 9 (HKLM-x32\...\Sun-Moon-Calendar 9) (Version: Version 9.8 - Dr. Regener)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TippGenerator 7.61 FreeVersion (HKLM-x32\...\TippGeneratorFree_is1) (Version:  - )
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Top50 Viewer basierend auf Geogrid®-Viewer Version 3.2 (HKLM-x32\...\DeInst_d2vexcrd E:/Top50 V4) (Version:  - )
Total Zip 1.0 (HKLM-x32\...\Total Zip_is1) (Version:  - Bitberry Software)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4410.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.2160.11 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.4500.26 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_SharePointDesignerR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899475) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{23AE87D8-AB2F-4539-935C-442BC976F469}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB Wächter (HKLM-x32\...\{960090F2-A75A-4885-B41F-21C3D5BE1E84}_is1) (Version: 0.7.1.130 - Trinit-Soft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.38 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VR-IBAN-Konverter (HKLM-x32\...\{310F494E-B54F-486B-97EB-427CA66DED36}) (Version: 1.00.0030 - Genossenschaftliche FinanzGruppe)
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version:  - )
VueScan (HKLM\...\VueScan) (Version:  - )
VueScan (HKLM-x32\...\VueScan) (Version:  - )
WebViewer (HKLM-x32\...\WebViewer) (Version: 1.0.2.6936 - 3DIS GmbH)
Weihnachtszeit 3D Bildschirmschoner 1.0 (HKLM-x32\...\Weihnachtszeit 3D Bildschirmschoner_is1) (Version:  - )
Wertpapieranalyse 2012 (HKLM-x32\...\{223766BE-E834-47AF-B002-0BAC11A37812}) (Version: 1.00.0006 - Haufe-Lexware GmbH & Co. KG)
Windows Double Explorer (HKLM-x32\...\{1A5FA474-BFE2-43B4-B6A6-01F097489883}) (Version: 1.0.0 - Jörg Dähler - Software Solutions)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID-Anmelde-Assistent (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (10/07/2013 6.0.1.7058) (HKLM\...\DE7597D60A9A5CE6DE9AAA75BF05E6A6722AE298) (Version: 10/07/2013 6.0.1.7058 - Realtek Semiconductor Corp.)
Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.8.5.1 - )
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WiseIconMaker 1.5 (HKLM-x32\...\WiseIconMaker_is1) (Version:  - JosesSoft, Inc.)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Wondershare PDF Converter Pro (Build 2.6.2) (HKLM-x32\...\{19C7BF26-FF3F-4B74-ACA0-57F223928E01}_is1) (Version: 2.6.2 - Wondershare Software)
Xilisoft PowerPoint to Video Converter Business (HKLM-x32\...\Xilisoft PowerPoint to Video Converter Business) (Version: 1.0.3.0305 - Xilisoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{0911ECFC-FE5F-4C7F-A9A6-97ADAEE5D6FC}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{3E6B9545-542A-3F2C-A51B-0C61EDEB7129}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{77371816-0DAB-3402-92AF-FF3B7415CB63}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{801C7ABB-5CF0-33F4-A27D-977D6E1852E2}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{B0229119-6503-3523-A242-B786A39EA86A}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{C5CA7E56-87E7-36D8-AFA4-6D63004C3E9B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{C887105A-1C2A-3C85-8B1B-8F3DF7ED097B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{CA656210-F907-3444-A822-E74FDA064D6C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{D087AA31-F943-37F8-9FB3-1A00796125C2}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{E83BFFAA-7CB4-3346-B4B2-E5A0BEA5BD94}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Restore Points  =========================

10-10-2014 10:02:57 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 wurde installiert.
12-10-2014 11:14:32 Windows-Sicherung
12-10-2014 12:28:26 Windows-Sicherung
15-10-2014 11:54:01 Windows Update
16-10-2014 08:46:46 Wiederherstellungsvorgang
16-10-2014 10:22:41 Removed Java 7 Update 67

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07234C7A-E6E8-4180-9FBB-63678495871F} - System32\Tasks\Update Manager => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [2010-09-15] (Haufe-Lexware GmbH & Co. KG)
Task: {095E9F4E-940C-47C8-89CB-B6E6BA87DCBF} - System32\Tasks\{699649F9-5C0D-4FD7-AD24-617669546763} => E:\Samsung\Kies\Kies.exe [2014-07-25] (Samsung)
Task: {0D7A7ECB-40E4-43C6-B722-A71954672DAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-22] (Google Inc.)
Task: {29B63481-5903-42B9-986B-CC49F531E8A2} - System32\Tasks\{D97214B7-40BF-450F-85B2-A46DD292A717} => E:\POIbase\POIbase.exe
Task: {2BA21DA8-E788-4C1F-9E05-CE6F41A9B801} - System32\Tasks\{D8DB53C6-9B2F-4605-A11B-681698D3E351} => K:\SETUP.EXE
Task: {2D44FE03-FDEE-4981-A0DD-6F7EEB95E517} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-22] (Google Inc.)
Task: {2DBAD2CD-A8E2-48D6-BB9E-88EE4B1003E5} - System32\Tasks\{0BEE9C56-12C3-42A1-A3D6-B4DEF82D4911} => E:\VR-NetWorld\VRNetWorld.exe [2014-01-30] ()
Task: {337433D6-DE4A-4AFA-B5C7-15918E9E90FF} - System32\Tasks\{1FB4A78B-C6B9-4952-8C0C-ABBDF289B610} => E:\Samsung\Launcher.exe
Task: {3976D069-5A85-48AA-A365-1E05BBE3BF8D} - System32\Tasks\WISO Mein Sparbuch heute => E:\WISO\meinsparbuchheute.exe
Task: {3C110CF2-5DB2-47A4-9EF4-E6B837188B85} - System32\Tasks\{FC43D33C-9413-48F6-8749-E800708016B1} => E:\Samsung\Kies\Kies.exe [2014-07-25] (Samsung)
Task: {3FB3E7FC-74C4-426F-AE9A-1B34989707DC} - System32\Tasks\{23222A76-DEF6-495F-8DCA-6319611F0B96} => E:\Dr.Regener\rlk.exe [2008-11-06] (GPSur Dr. Erhard Regener)
Task: {407DBE15-53B4-4A24-A850-4765302A1BBA} - System32\Tasks\{AAE13D0F-1645-4A29-A2E1-7E2E54802A96} => K:\SETUP.EXE
Task: {43388CAF-29D9-4B87-9E8B-852E4E262E4C} - System32\Tasks\{296BE6DD-5116-4853-8D64-67FAAF76A8C9} => E:\POIbase\POIbase.exe
Task: {443AAF17-14EE-424E-B2B3-1E9690FB60BE} - System32\Tasks\{44798161-A236-4E6D-8FDD-72B593597368} => E:\Samsung\Launcher.exe
Task: {4E21A19F-72C7-42CE-A0A3-57933FDD6F5C} - System32\Tasks\{0E83A38A-71AD-4270-85FD-7925D7366A45} => E:\CaplioG3\Capftpd.exe [2004-05-06] (Ricoh Co.,Ltd.)
Task: {55994F03-6884-48D1-8687-082B51D6A5EC} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {56A81CBA-D9AB-4CC0-B020-188260E49681} - System32\Tasks\{92F328A2-FAD5-46FA-96C9-A2737D0BD396} => E:\BeckerCAD\PROGRAM\BCAD\Becker.exe
Task: {588E9E88-9BF1-4CDF-BA33-813D01AB676B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5F3BFE2E-D5E3-4325-BDA7-1C2045352ACD} - System32\Tasks\{7BB0CBCB-4299-4F0F-BD5D-5C59FFCB3248} => E:\Samsung\Launcher.exe
Task: {62B6E826-3EDD-4F38-B4DB-1D81BC6DD36E} - System32\Tasks\{30E14213-C4CA-4811-9144-5CF8007FFA2E} => E:\Samsung\Kies\Kies.exe [2014-07-25] (Samsung)
Task: {64ADD47C-B976-43E2-BA1B-7DA75699D2E7} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {67D46AF2-1161-417B-AA2A-35219BF9F5E3} - System32\Tasks\{15A3473A-F94C-4725-96DA-025AC72D3FA8} => E:\Corel\Corel Paint Shop Pro Photo.exe [2006-08-04] (Corel, Inc.)
Task: {6AEA6EFF-E0BB-4DE4-B9FF-A89001805911} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
Task: {6BB76224-3FE5-4D56-A129-5A570F566EF4} - System32\Tasks\{0B3A80A0-825C-451D-B07A-605DF8B0367F} => E:\NASA\World Wind 1.4\WorldWind.exe
Task: {6C9E5D2B-BA3D-4BCE-8316-E6D29B07BBC6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {6EC218F7-A2DC-451C-85CA-059E67434EB8} - System32\Tasks\Gerhard Nero LIVEBackup 12 0 => E:\Nero12\Nero 12\Nero BackItUp\NBCore.exe
Task: {740CA8C2-6EB5-4B10-9A59-D55E1111FC1E} - System32\Tasks\Gerhard Nero LIVEBackup Merge 12 0 => E:\Nero12\Nero 12\Nero BackItUp\NBCore.exe
Task: {82B16C09-D6D0-4F5F-B2BA-6B0D1A252DF1} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {96ECB066-4109-4FD1-B244-C2C407134DA5} - System32\Tasks\{F1287E7D-0BDB-4091-A31D-3D9205CB5BB6} => E:\CaplioG3\CaplioSoftware_R1V\RGateLXP.exe
Task: {9A8C13C4-F7CD-435F-8BE4-2F0AE020A4F5} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-09-04] (AVG Technologies)
Task: {9B354D60-8D9A-4F12-AEC8-4D54AD36B0CB} - System32\Tasks\{83E8BE73-EBC2-4C75-B41D-C7CE30078312} => E:\POIbase\POIbase.exe
Task: {9C5CD000-4D7A-4762-885C-D21E0FFD87D8} - System32\Tasks\{021D9944-64AF-4BC5-A0FB-1043595DA4C9} => E:\Samsung\Kies\Kies.exe [2014-07-25] (Samsung)
Task: {9F7305A3-3C12-4B20-B3DC-444ECFBD54CB} - System32\Tasks\{2E6D1EC6-5E73-495C-9BA8-4A7F3C064DB8} => E:\Corel\Corel Paint Shop Pro Photo.exe [2006-08-04] (Corel, Inc.)
Task: {B000513C-6D30-4001-8473-686277915EF5} - System32\Tasks\{030F87AC-D126-48DE-895C-FFFD6CDB8550} => C:\Program Files (x86)\POIbase\POIbase.exe
Task: {C545A85F-F781-4866-85DF-1654D368D899} - System32\Tasks\{C3D1880E-4E5D-4CD1-8A47-CB8D1F7EAD76} => C:\Program Files (x86)\Caplio Software\Capftpd.exe
Task: {C9073C3E-3234-4A10-8337-49DA770DAFF3} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {CCA1C39C-B0D6-4377-A83B-7E397127E707} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {D43D60F0-9E54-4E32-82E7-BC578B7B714E} - System32\Tasks\{1B3CA8FD-E938-49D7-9A14-9059E1F5A68C} => E:\CaplioG3\CaplioSoftware_R1V\RGateLXP.exe
Task: {E6BA6BCA-7630-48DD-9453-B28A21CFE80D} - System32\Tasks\{BA8A74DD-EC60-47D4-9C29-4247FD1FF0C3} => E:\BeckerCAD\PROGRAM\BCAD\Becker.exe
Task: {E75F9974-0DE3-4767-A24C-4904F2A759A8} - System32\Tasks\{780BB7C0-EF1C-42C4-913C-8A0624FACFAD} => E:\VR-NetWorld\VRNetWorld.exe [2014-01-30] ()
Task: {F75124E0-DB25-47A6-AE52-FA766E93AA0E} - System32\Tasks\Lexware-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [2010-09-15] (Haufe-Lexware GmbH & Co. KG)
Task: {FB9FEFBA-E336-44EE-A9A1-D8204D9176B4} - System32\Tasks\Gerhards Dateisicherung 15 0 => C:\Program Files (x86)\Nero\Nero BackItUp\NBCore.exe [2014-09-24] (Nero AG)
Task: {FF73E5F3-A9E2-4CD5-984D-2F23FA8A5205} - System32\Tasks\{A56529AB-0944-476C-97DA-5850F6D5E47B} => C:\Program Files (x86)\Dr. Regener\Streckenbuch\rsbstart.exe [2008-05-09] (GPSur Dr. Erhard Regener)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-11-18 14:40 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-12-16 09:11 - 2010-12-16 09:11 - 00020480 _____ () E:\ORICO\ORICO Tools\IovstRouteService_win7.exe
2011-07-26 11:21 - 2011-07-26 11:21 - 00222064 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
2014-09-04 13:23 - 2014-09-04 13:23 - 00699704 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2014-09-04 13:23 - 2014-09-04 13:23 - 00487736 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tuavga.dll
2014-08-11 22:51 - 2014-08-11 22:50 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-10-12 13:42 - 2014-10-12 13:42 - 00060453 _____ () C:\Windows\SysWOW64\CronODBCSprite\CronODBCSprite.exe
2012-01-29 20:48 - 2012-02-17 20:55 - 00193536 _____ () E:\WinRAR\rarext.dll
2010-07-09 19:50 - 2001-01-04 12:22 - 00135168 _____ () C:\Windows\SysWOW64\txtuser.exe
2011-12-23 14:35 - 2014-09-07 20:19 - 02640408 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2014-09-04 13:23 - 2014-09-04 13:23 - 00837432 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2010-05-26 18:19 - 2007-05-31 07:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2011-07-26 11:13 - 2011-07-26 11:13 - 00292720 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\sqlite3.dll
2011-07-26 11:13 - 2011-07-26 11:13 - 00079728 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\zlib125.dll
2011-07-26 11:13 - 2011-07-26 11:13 - 00015216 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui.dll
2014-10-11 17:37 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2014-08-11 22:51 - 2014-08-11 22:50 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2014-09-04 14:51 - 2014-09-04 14:51 - 00019968 _____ () E:\Adobe\Acrobat\locale\de_de\acrotray.deu
2014-09-24 16:41 - 2014-09-24 16:41 - 31842816 _____ () C:\Program Files (x86)\AVG\Framework\Common\libcef.dll
2014-10-14 20:09 - 2014-10-14 20:10 - 03649648 _____ () E:\Firefox\mozjs.dll
2014-09-11 07:18 - 2014-09-11 07:18 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:01C66DD9
AlternateDataStreams: C:\ProgramData\TEMP:0B9FB94D
AlternateDataStreams: C:\ProgramData\TEMP:A303874F
AlternateDataStreams: C:\ProgramData\TEMP:A4A25FD3
AlternateDataStreams: C:\ProgramData\TEMP:BD872EF0

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: KiesHelper => E:\Samsung\Kies\KiesHelper.exe /s                                                                                                                                                                                                                                       
MSCONFIG\startupreg: KiesTrayAgent => E:\Samsung\Kies\KiesTrayAgent.exe                                                                                                                                                                                                                                       
MSCONFIG\startupreg: SmBizcard => C:\Program Files (x86)\NewSoft\Presto! BizCard 6\SmBizcard.exe
MSCONFIG\startupreg: vspdfprsrv.exe => E:\PDFExperte\vspdfprsrv.exe --background

========================= Accounts: ==========================

Administrator (S-1-5-21-1256300535-3656786790-4203701623-500 - Administrator - Disabled)
Gast (S-1-5-21-1256300535-3656786790-4203701623-501 - Limited - Disabled) => C:\Users\Gast
Gerhard (S-1-5-21-1256300535-3656786790-4203701623-1001 - Administrator - Enabled) => C:\Users\Gerhard
HomeGroupUser$ (S-1-5-21-1256300535-3656786790-4203701623-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-1256300535-3656786790-4203701623-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/16/2014 00:58:32 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/16/2014 00:58:32 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/16/2014 00:58:32 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/16/2014 00:58:32 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/16/2014 00:58:28 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/16/2014 00:58:28 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/16/2014 00:58:28 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/16/2014 00:58:28 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/16/2014 00:58:18 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/16/2014 00:58:18 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)


System errors:
=============
Error: (10/16/2014 01:18:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 42 Mal passiert.

Error: (10/16/2014 01:18:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet:
%%2

Error: (10/16/2014 01:18:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 41 Mal passiert.

Error: (10/16/2014 01:18:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet:
%%2

Error: (10/16/2014 01:18:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 40 Mal passiert.

Error: (10/16/2014 01:18:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet:
%%2

Error: (10/16/2014 01:18:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 39 Mal passiert.

Error: (10/16/2014 01:18:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet:
%%2

Error: (10/16/2014 01:18:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 38 Mal passiert.

Error: (10/16/2014 01:18:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet:
%%2


Microsoft Office Sessions:
=========================
Error: (01/30/2013 10:01:40 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 30 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/23/2012 07:59:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/16/2012 08:57:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 381 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (01/18/2012 08:03:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 128 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/09/2012 08:02:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1036 seconds with 900 seconds of active time.  This session ended with a crash.

Error: (12/04/2011 01:31:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 24 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/23/2011 07:33:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 87 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (11/23/2011 07:31:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 132 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (11/22/2011 02:37:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3499 seconds with 600 seconds of active time.  This session ended with a crash.

Error: (10/07/2011 04:19:34 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 8692 seconds with 2640 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-10-09 16:28:18.337
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:18.009
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:15.513
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:15.186
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:12.692
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:12.359
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:09.884
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:09.552
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:07.071
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:06.747
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Percentage of memory in use: 49%
Total physical RAM: 4095.37 MB
Available physical RAM: 2083.96 MB
Total Pagefile: 8188.91 MB
Available Pagefile: 5633.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:146.48 GB) (Free:53.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Programme) (Fixed) (Total:244.14 GB) (Free:216.36 GB) NTFS
Drive f: (Daten) (Fixed) (Total:195.31 GB) (Free:82.46 GB) NTFS
Drive g: (Sicherung) (Fixed) (Total:112.7 GB) (Free:79.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=112.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Danke
MfG
Gerhard

GerKK 19.10.2014 12:05
Trojaner auf dem Rechner, neuer scan
 
Hallo Schrauber, ich hoffe ich versaue dir nicht das Wochenende, anbei der heutige scan.
MfG
Gerhard
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014
Ran by Gerhard at 2014-10-19 12:52:29
Running from G:\AdwareCleaner
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
3D Haus Design Studio - Professional Edition - (HKLM-x32\...\3D Haus Design Studio_is1) (Version:  - Avanquest Deutschland GmbH)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABC Amber Audio Converter (HKLM-x32\...\ABC Amber Audio Converter) (Version:  - )
Accent OFFICE Password Recovery 4.0 (HKLM-x32\...\Accent OFFICE Password Recovery_is1) (Version: 4.0 - AccentSoft Team)
Adobe Acrobat X Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.303.433 - ALPS ELECTRIC CO., LTD.)
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.23 - Avanquest Software)
AVG (HKLM\...\AvgZen) (Version: 1.0.329 - AVG Technologies)
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.105 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.105 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.105 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
AVG Zen (Version: 1.0.329 - AVG Technologies) Hidden
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C1200}) (Version: 12.18.0.3053 - APN, LLC)
BDE eXpress Windows 7 (HKLM-x32\...\BDE eXpress Windows 7) (Version:  - )
BenVista PhotoZoom Classic 4.1.2 (HKLM-x32\...\PhotoZoom Classic 4) (Version: 4.1.2 - BenVista Ltd.)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.171.0 - Microsoft Corporation)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.3.1.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon RAW Codec (HKLM-x32\...\Canon RAW Codec) (Version: 1.7.0.56 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.4.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.1.0.11 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
Caplio Software (HKLM-x32\...\{5BC1F10D-6A7A-41AE-AC7C-6BD454204729}) (Version:  - )
Cherry SmartCardKeyboard V2.6 Build 2 (HKLM-x32\...\{12D10938-BB15-11D4-A32B-00010211A886}) (Version: 2.6.2.0 - Cherry)
Corel Graphics Suite 11 (HKLM-x32\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
Corel Graphics Suite 11 (x32 Version: 11 - Corel Corporation) Hidden
Corel Paint Shop Pro Photo XI (HKLM-x32\...\{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}) (Version: 11.00.0000 - Corel Inc)
Corel Snapfire (HKLM-x32\...\{0EE4030A-8FD4-4798-A21D-17E525B1F7CF}) (Version: 1.00.0000 - Ihr Firmenname)
Creo Elements/Direct Modeling Personal Edition 3.0 ( x64 ) (HKLM\...\{1218162D-656E-4074-9201-B29EA22FDA4B}) (Version: 30.0.3014 - Parametric Technology GmbH)
Curitel Packet Service Software (HKLM-x32\...\Curitel Packet Service) (Version:  - )
Cut Out 4.0 (HKLM\...\Cut Out 4_is1) (Version:  - Franzis.de)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Daten-Retter (HKLM-x32\...\Daten-Retter_Daten-Retter_is1) (Version:  - Spotmau, Inc.)
DDBAC (HKLM-x32\...\{450008C6-3722-4214-AB4F-9E45B57CB422}) (Version: 4.3.71 - DataDesign)
DDBAC (HKLM-x32\...\{8DD59B6E-6FC4-4CDC-896D-2FDF19CBE70B}) (Version: 4.3.64 - DataDesign)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
DesignCAD 3D Max 20 (HKLM-x32\...\{B247B144-6B56-499A-9080-5856C800E937}) (Version: 20.0.0 - IMSIDesign)
Dietrich's AG PlanCAD-L (HKLM-x32\...\{B64B2351-10AE-4890-9D5E-F9BDC292801D}_is1) (Version: 10.02 - Dietrich's AG)
Dr. Regener Landkarte Vivo (HKLM-x32\...\Dr. Regener Landkarte Vivo) (Version:  - )
Dr. Regener Streckenbuch Vista (HKLM-x32\...\Dr. Regener Streckenbuch Vista) (Version:  - )
DriverTuner 3.1.0.1 (HKLM-x32\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.1 - LionSea SoftWare)
DSL-Manager (HKLM-x32\...\{90A455A7-0FC8-4508-B7FA-8F135B8F041A}) (Version:  - )
Duden-Rechtschreibprüfung PLUS (HKLM-x32\...\{45C5C113-AD43-414B-867D-7C0AF54276CB}) (Version: 8.031.31 - Bibliographisches Institut GmbH)
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
EPSON Smart Panel (HKLM-x32\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version: 4.00.00 - )
EPSON TWAIN 5 (HKLM-x32\...\{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}) (Version: 5.71.0000 - SEIKO EPSON Corp.)
Excel Code Jeanie.1.00 (HKLM-x32\...\Excel Code Jeanie_is1) (Version: 1.00 - )
eXPert PDF 6 (HKLM-x32\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 6.31 - Avanquest software)
FloorPlan 3D V.11 (HKLM-x32\...\{E10BDC79-401E-47AC-8011-FFF1D4AFFB21}) (Version: 11.0 - IMSI)
FMW 1 (Version: 1.0.230 - AVG Technologies) Hidden
Formblitz AG - Formbox (HKLM-x32\...\de.formblitz.formbox) (Version: 0.9.12 - FORMBLITZ AG)
Formblitz AG - Formbox (x32 Version: 0.9.12 - FORMBLITZ AG) Hidden
Free Word Excel Password Wizard (HKLM-x32\...\{2EB44B16-05EF-42FD-9300-A85CDEF60864}) (Version: 1.0.0 - www.freewordexcelpassword.com)
Geogrid® DPV (HKLM-x32\...\Geogrid_DPV) (Version:  - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HDR Projects platin (64-Bit) (HKLM\...\HDR Projects platin_is1) (Version: 1.23 - Franzis Verlag GmbH)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
InetStat (HKCU\...\InetStat) (Version: 0.5b - InetStat)
Inkscape 0.48.2 (HKLM-x32\...\Inkscape) (Version: 0.48.2 - )
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Kalender-Excel-8.8 (HKLM-x32\...\Kalender-Excel-8.8_is1) (Version: 8.8 - MSDatec)
Lexware Info Service (HKLM-x32\...\{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}) (Version: 2.70.00.0081 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM-x32\...\{C908A5AC-4F61-4B9A-8A51-48B5696C53B1}) (Version: 12.00.00.0043 - Haufe-Lexware GmbH & Co.KG)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
LogoMaker 3.0 (HKLM-x32\...\LogoMaker_is1) (Version:  - Studio V5)
LookThisUp (HKLM\...\LookThisUp) (Version: 1.0.2 - LookThisUp) <==== ATTENTION
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Remote (HKLM-x32\...\{21550042-EA9F-4419-A8D7-DF732DCEB76E}) (Version: 1.0.7252.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesignerR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version:  - Microsoft)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
MilGeo-PCMAP (x32 Version: 4.40.000 - EADS Deutschland GmbH) Hidden
MilGeo-PCMAP 4.4 (HKLM-x32\...\{C06B4D88-2D6E-469C-B3A3-54FCAEFFCE66}) (Version: 4.40.000 - EADS Deutschland GmbH)
Mobile Master (x32 Version: 8.9.4 - Jumping Bytes) Hidden
Mobile Master 8.9.4 (HKLM-x32\...\Mobile Master) (Version: 8.9.4 - Jumping Bytes)
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.010 - MSI)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MultiMedia Disk (HKLM-x32\...\{68971113-FA43-4B5C-8243-C5F7EC77BB5E}) (Version:  - )
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Nero 2015 (HKLM-x32\...\{763EF8DC-4CC0-47CA-BE1C-BDE731462250}) (Version: 16.0.02900 - Nero AG)
Nero 2015 Content Pack (HKLM-x32\...\{55192BC6-EDBA-4F48-A2C4-3D164E41AF55}) (Version: 16.0.00300 - Nero AG)
Nero Abstract Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (HKLM-x32\...\{0450A697-C87E-42C2-9331-29E19901F72A}) (Version: 15.2.6.22 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero Blu-ray Player (x32 Version: 12.1.20081 - Nero AG) Hidden
Nero Burning Core (x32 Version: 16.0.11000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 16.0.11000 - Nero AG) Hidden
Nero Cliparts (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.2.0008 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.4.0013 - Nero AG) Hidden
Nero Device Updates (x32 Version: 15.0.1002 - Nero AG) Hidden
Nero Device Updates (x32 Version: 16.0.2000 - Nero AG) Hidden
Nero Disc Menus 1 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus 2 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus 3 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Disc to Device (x32 Version: 16.0.1007 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Express (x32 Version: 16.0.11000 - Nero AG) Hidden
Nero Family and Events Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Football (Soccer) Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Holiday and Sports Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Image Samples (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Info (x32 Version: 16.0.1003 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{24A500E4-0B12-4D62-9973-2C7E23CCA750}) (Version: 11.0.16401 - Nero AG)
Nero Kwik Themes Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Launcher (x32 Version: 16.0.9000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.26.7400 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero PiP Effects 1 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Platinum Effects 12 (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Prerequisite Installer 1.0 (HKLM-x32\...\{AFD1BFF3-FE02-47BB-8F45-739D46AEA2BC}) (Version: 11.0.12700 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{2D510AEB-E37D-4B5D-B168-C9C49E3F58C5}) (Version: 12.0.01500 - Nero AG)
Nero Recode (x32 Version: 16.0.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 16.0.3000 - Nero AG) Hidden
Nero Retro Film Themes (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.16006 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video (x32 Version: 16.0.4000 - Nero AG) Hidden
Nero Video Samples (x32 Version: 16.0.10002 - Nero AG) Hidden
Nero Video Transitions 1 (x32 Version: 16.0.10002 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20014 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Nuance Cloud Connector (HKLM-x32\...\{DE7C1B86-27EF-4D02-886E-17CC3458034B}) (Version: 3.2.713 - Nuance Communications, Inc.)
Nuance OmniPage 18 (HKLM-x32\...\{74D199FC-CEFB-45AF-B364-754E1A75220E}) (Version: 18.1.0000 - Nuance Communications, Inc.)
Nuance PaperPort 12 (HKLM-x32\...\{69192731-44E6-4C08-B0A3-66174478B9E3}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Create 7 (HKLM\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc)
Nuance PDF Viewer Plus (HKLM-x32\...\{EC00862A-C16F-4ED0-BC06-34538512E730}) (Version: 5.30.3296 - Nuance Communications, Inc)
NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1150 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
Office-Bibliothek 4.1 (HKLM-x32\...\{54971F17-9D16-4D43-95D6-3A86E3D20EDB}) (Version:  - )
OnlineControl 1.1 (HKLM-x32\...\OnlineControl_is1) (Version: 1.1.22 - Deutsche Telekom AG T-Com)
ORICO Tools 2.0.2.4 (HKLM-x32\...\ORICO Tools) (Version: 2.0.2.4 - ORICO)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Paragon Partition Manager™ 11 Personal (HKLM-x32\...\{986A654F-F1E4-11DD-9FCA-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Suite (HKLM-x32\...\{5598CA96-EFA4-4AFE-BB8E-C91CF778CEC4}) (Version: 1.0 - O2)
PC Suite (x32 Version: 1.0 - O2) Hidden
PDF Password Remover v3.0 (HKLM-x32\...\PDF Password Remover v3.0_is1) (Version:  - VeryPDF.com Inc)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
Platform (x32 Version: 1.38 - VIA Technologies, Inc.) Hidden
Prerequisite installer (x32 Version: 12.0.0005 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0000 - Nero AG) Hidden
Presto! BizCard 6 (HKLM-x32\...\{4F9D15B4-0F57-4B84-94AE-C1286C8D4443}) (Version: 6.10.10 - NewSoft Technology Corporation)
Presto! BizCard 6 (x32 Version: 6.10.10 - NewSoft) Hidden
Presto! PageManager 9.01 SE (HKLM-x32\...\{01BE175C-02D1-45E6-9610-7E3D0178191D}) (Version: 9.01.31 - Newsoft Technology Corporation)
Presto! PrintCentral (HKLM-x32\...\{A4FB2418-C84E-49A2-B7FE-48D71B54C1DF}) (Version: 1.00.02 - NewSoft Technology Corporation)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Quicken DELUXE 2012 (HKLM-x32\...\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}) (Version: 19.36.00.0165 - Haufe-Lexware GmbH & Co.KG)
Quicken Import Export Server 2012 (HKLM-x32\...\{7FC74607-ED6E-49C3-87FA-56B50A2EE158}) (Version: 19.30.00.0134 - Haufe-Lexware GmbH & Co.KG)
QuickLOAD (HKLM-x32\...\ST5UNST #1) (Version:  - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.1.0.11112_41 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.1.0.11112_41 - Samsung Electronics Co., Ltd.) Hidden
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden
Silicon Laboratories CP210x VCP Drivers for Windows 7 (HKLM-x32\...\{93AF2822-B19D-45BE-BF50-DE5C5FB2B7A4}) (Version: 5.40.24 - Silicon Laboratories, Inc.)
SmartTools Publishing • Access Berichte-Verteiler (HKLM-x32\...\SmartToolsBerichte-Verteilerv2.00) (Version: v2.00 - SmartTools Publishing)
SmartTools Publishing • Access Kalender-ActiveX (HKLM-x32\...\SmartToolsKalender-ActiveXv1.00) (Version: v1.00 - SmartTools Publishing)
SmartTools Publishing • Access SQL aus Abfragen (HKLM-x32\...\SmartToolsSQL aus Abfragenv3.00) (Version: v3.00 - SmartTools Publishing)
SmartTools Publishing • Access Zahl in Worten (HKLM-x32\...\SmartToolsZahl in Wortenv2.50) (Version: v2.50 - SmartTools Publishing)
SmartTools Publishing • Best of Excel Weekly, Vol 2 (HKLM-x32\...\SmartToolsBest of Excel Weekly, Vol 2v2.00) (Version: v2.00 - SmartTools Publishing)
SmartTools Publishing • Excel EM-Tipp 2012 (HKLM-x32\...\SmartToolsEM-Tipp 2012v3.00) (Version: v3.00 - SmartTools Publishing)
SmartTools Publishing • Excel Jahresplan (HKLM-x32\...\SmartToolsJahresplanv3.00) (Version: v3.00 - SmartTools Publishing)
SmartTools Publishing • Excel MapMerger (HKLM-x32\...\SmartToolsMapMergerv3.00) (Version: v3.00 - SmartTools Publishing)
SmartTools Publishing • Excel MapNotes (HKLM-x32\...\SmartToolsMapNotesv2.00) (Version: v2.00 - SmartTools Publishing)
SmartTools Publishing • Excel Mini-Kalender (HKLM-x32\...\SmartToolsMini-Kalenderv2.00) (Version: v2.00 - SmartTools Publishing)
SmartTools Publishing • Excel Projektplan (HKLM-x32\...\SmartToolsProjektplanv2.00) (Version: v2.00 - SmartTools Publishing)
SmartTools Publishing • Excel Spalten-Assistent (HKLM-x32\...\SmartToolsSpalten-Assistentv1.50) (Version: v1.50 - SmartTools Publishing)
SmartTools Publishing • Excel WM-Tipp 2010 (HKLM-x32\...\SmartToolsWM-Tipp 2010v1.00) (Version: v1.00 - SmartTools Publishing)
SmartTools Publishing • Excel Wochenplan 2011, 2012 (HKLM-x32\...\SmartToolsWochenplan 2011, 2012v1.00) (Version: v1.00 - SmartTools Publishing)
SmartTools Publishing • Outlook Feiertags- und Ferien-Assistent (HKLM-x32\...\SmartToolsFeiertags- und Ferien-Assistentv4.00) (Version: v4.00 - SmartTools Publishing)
SmartTools Publishing • Word Briefassistenten (HKLM-x32\...\SmartToolsBriefassistentenv1.00) (Version: v1.00 - SmartTools Publishing)
SmartTools Publishing • Word Kalender-Assistent (HKLM-x32\...\SmartToolsKalender-Assistentv5.00) (Version: v5.00 - SmartTools Publishing)
SmartTools Publishing • Word Kalender-Assistent (HKLM-x32\...\SmartToolsKalender-Assistentv6.00) (Version: v6.00 - SmartTools Publishing)
SmartTools Publishing • Word Kalender-Assistent 2013 (HKLM-x32\...\SmartToolsKalender-Assistent 2013v7.00) (Version: v7.00 - SmartTools Publishing)
SmartTools Publishing • Word Shortcut-Referenz (HKLM-x32\...\SmartToolsShortcut-Referenzv1.00) (Version: v1.00 - SmartTools Publishing)
sPlan 6.0 (HKLM-x32\...\sPlan_60_is1) (Version:  - )
Steganos Password Manager 12 (HKLM-x32\...\{C009A918-0C06-45B3-AEF6-B1057307A643}) (Version: 12.0.6 - Steganos Software GmbH)
Sun-Moon-Calendar 9 (HKLM-x32\...\Sun-Moon-Calendar 9) (Version: Version 9.8 - Dr. Regener)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TippGenerator 7.61 FreeVersion (HKLM-x32\...\TippGeneratorFree_is1) (Version:  - )
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Top50 Viewer basierend auf Geogrid®-Viewer Version 3.2 (HKLM-x32\...\DeInst_d2vexcrd E:/Top50 V4) (Version:  - )
Total Zip 1.0 (HKLM-x32\...\Total Zip_is1) (Version:  - Bitberry Software)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4410.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.2160.11 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.4500.26 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_SharePointDesignerR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0017-0000-0000-0000000FF1CE}_SharePointDesignerR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899475) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{23AE87D8-AB2F-4539-935C-442BC976F469}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB Wächter (HKLM-x32\...\{960090F2-A75A-4885-B41F-21C3D5BE1E84}_is1) (Version: 0.7.1.130 - Trinit-Soft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.38 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VR-IBAN-Konverter (HKLM-x32\...\{310F494E-B54F-486B-97EB-427CA66DED36}) (Version: 1.00.0030 - Genossenschaftliche FinanzGruppe)
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version:  - )
VueScan (HKLM\...\VueScan) (Version:  - )
VueScan (HKLM-x32\...\VueScan) (Version:  - )
WebViewer (HKLM-x32\...\WebViewer) (Version: 1.0.2.6936 - 3DIS GmbH)
Weihnachtszeit 3D Bildschirmschoner 1.0 (HKLM-x32\...\Weihnachtszeit 3D Bildschirmschoner_is1) (Version:  - )
Wertpapieranalyse 2012 (HKLM-x32\...\{223766BE-E834-47AF-B002-0BAC11A37812}) (Version: 1.00.0006 - Haufe-Lexware GmbH & Co. KG)
Windows Double Explorer (HKLM-x32\...\{1A5FA474-BFE2-43B4-B6A6-01F097489883}) (Version: 1.0.0 - Jörg Dähler - Software Solutions)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID-Anmelde-Assistent (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (10/07/2013 6.0.1.7058) (HKLM\...\DE7597D60A9A5CE6DE9AAA75BF05E6A6722AE298) (Version: 10/07/2013 6.0.1.7058 - Realtek Semiconductor Corp.)
Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.8.5.1 - )
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WiseIconMaker 1.5 (HKLM-x32\...\WiseIconMaker_is1) (Version:  - JosesSoft, Inc.)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
Wondershare PDF Converter Pro (Build 2.6.2) (HKLM-x32\...\{19C7BF26-FF3F-4B74-ACA0-57F223928E01}_is1) (Version: 2.6.2 - Wondershare Software)
Xilisoft PowerPoint to Video Converter Business (HKLM-x32\...\Xilisoft PowerPoint to Video Converter Business) (Version: 1.0.3.0305 - Xilisoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{0911ECFC-FE5F-4C7F-A9A6-97ADAEE5D6FC}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{3E6B9545-542A-3F2C-A51B-0C61EDEB7129}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{77371816-0DAB-3402-92AF-FF3B7415CB63}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{801C7ABB-5CF0-33F4-A27D-977D6E1852E2}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{B0229119-6503-3523-A242-B786A39EA86A}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{C5CA7E56-87E7-36D8-AFA4-6D63004C3E9B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{C887105A-1C2A-3C85-8B1B-8F3DF7ED097B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{CA656210-F907-3444-A822-E74FDA064D6C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{D087AA31-F943-37F8-9FB3-1A00796125C2}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1256300535-3656786790-4203701623-1001_Classes\CLSID\{E83BFFAA-7CB4-3346-B4B2-E5A0BEA5BD94}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Restore Points  =========================

18-10-2014 07:53:03 Windows Update
18-10-2014 08:46:55 Windows Update
18-10-2014 09:15:10 Windows Update
18-10-2014 09:19:08 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07234C7A-E6E8-4180-9FBB-63678495871F} - System32\Tasks\Update Manager => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [2010-09-15] (Haufe-Lexware GmbH & Co. KG)
Task: {095E9F4E-940C-47C8-89CB-B6E6BA87DCBF} - System32\Tasks\{699649F9-5C0D-4FD7-AD24-617669546763} => E:\Samsung\Kies\Kies.exe [2014-07-25] (Samsung)
Task: {0D7A7ECB-40E4-43C6-B722-A71954672DAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-22] (Google Inc.)
Task: {29B63481-5903-42B9-986B-CC49F531E8A2} - System32\Tasks\{D97214B7-40BF-450F-85B2-A46DD292A717} => E:\POIbase\POIbase.exe
Task: {2BA21DA8-E788-4C1F-9E05-CE6F41A9B801} - System32\Tasks\{D8DB53C6-9B2F-4605-A11B-681698D3E351} => K:\SETUP.EXE
Task: {2D44FE03-FDEE-4981-A0DD-6F7EEB95E517} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-22] (Google Inc.)
Task: {2DBAD2CD-A8E2-48D6-BB9E-88EE4B1003E5} - System32\Tasks\{0BEE9C56-12C3-42A1-A3D6-B4DEF82D4911} => E:\VR-NetWorld\VRNetWorld.exe [2014-01-30] ()
Task: {337433D6-DE4A-4AFA-B5C7-15918E9E90FF} - System32\Tasks\{1FB4A78B-C6B9-4952-8C0C-ABBDF289B610} => E:\Samsung\Launcher.exe
Task: {3976D069-5A85-48AA-A365-1E05BBE3BF8D} - System32\Tasks\WISO Mein Sparbuch heute => E:\WISO\meinsparbuchheute.exe
Task: {3C110CF2-5DB2-47A4-9EF4-E6B837188B85} - System32\Tasks\{FC43D33C-9413-48F6-8749-E800708016B1} => E:\Samsung\Kies\Kies.exe [2014-07-25] (Samsung)
Task: {3FB3E7FC-74C4-426F-AE9A-1B34989707DC} - System32\Tasks\{23222A76-DEF6-495F-8DCA-6319611F0B96} => E:\Dr.Regener\rlk.exe [2008-11-06] (GPSur Dr. Erhard Regener)
Task: {407DBE15-53B4-4A24-A850-4765302A1BBA} - System32\Tasks\{AAE13D0F-1645-4A29-A2E1-7E2E54802A96} => K:\SETUP.EXE
Task: {43388CAF-29D9-4B87-9E8B-852E4E262E4C} - System32\Tasks\{296BE6DD-5116-4853-8D64-67FAAF76A8C9} => E:\POIbase\POIbase.exe
Task: {443AAF17-14EE-424E-B2B3-1E9690FB60BE} - System32\Tasks\{44798161-A236-4E6D-8FDD-72B593597368} => E:\Samsung\Launcher.exe
Task: {4E21A19F-72C7-42CE-A0A3-57933FDD6F5C} - System32\Tasks\{0E83A38A-71AD-4270-85FD-7925D7366A45} => E:\CaplioG3\Capftpd.exe [2004-05-06] (Ricoh Co.,Ltd.)
Task: {55994F03-6884-48D1-8687-082B51D6A5EC} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {56A81CBA-D9AB-4CC0-B020-188260E49681} - System32\Tasks\{92F328A2-FAD5-46FA-96C9-A2737D0BD396} => E:\BeckerCAD\PROGRAM\BCAD\Becker.exe
Task: {588E9E88-9BF1-4CDF-BA33-813D01AB676B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5F3BFE2E-D5E3-4325-BDA7-1C2045352ACD} - System32\Tasks\{7BB0CBCB-4299-4F0F-BD5D-5C59FFCB3248} => E:\Samsung\Launcher.exe
Task: {62B6E826-3EDD-4F38-B4DB-1D81BC6DD36E} - System32\Tasks\{30E14213-C4CA-4811-9144-5CF8007FFA2E} => E:\Samsung\Kies\Kies.exe [2014-07-25] (Samsung)
Task: {64ADD47C-B976-43E2-BA1B-7DA75699D2E7} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {67D46AF2-1161-417B-AA2A-35219BF9F5E3} - System32\Tasks\{15A3473A-F94C-4725-96DA-025AC72D3FA8} => E:\Corel\Corel Paint Shop Pro Photo.exe [2006-08-04] (Corel, Inc.)
Task: {6AEA6EFF-E0BB-4DE4-B9FF-A89001805911} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
Task: {6BB76224-3FE5-4D56-A129-5A570F566EF4} - System32\Tasks\{0B3A80A0-825C-451D-B07A-605DF8B0367F} => E:\NASA\World Wind 1.4\WorldWind.exe
Task: {6C9E5D2B-BA3D-4BCE-8316-E6D29B07BBC6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {6EC218F7-A2DC-451C-85CA-059E67434EB8} - System32\Tasks\Gerhard Nero LIVEBackup 12 0 => E:\Nero12\Nero 12\Nero BackItUp\NBCore.exe
Task: {740CA8C2-6EB5-4B10-9A59-D55E1111FC1E} - System32\Tasks\Gerhard Nero LIVEBackup Merge 12 0 => E:\Nero12\Nero 12\Nero BackItUp\NBCore.exe
Task: {82B16C09-D6D0-4F5F-B2BA-6B0D1A252DF1} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {96ECB066-4109-4FD1-B244-C2C407134DA5} - System32\Tasks\{F1287E7D-0BDB-4091-A31D-3D9205CB5BB6} => E:\CaplioG3\CaplioSoftware_R1V\RGateLXP.exe
Task: {9A8C13C4-F7CD-435F-8BE4-2F0AE020A4F5} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-09-04] (AVG Technologies)
Task: {9B354D60-8D9A-4F12-AEC8-4D54AD36B0CB} - System32\Tasks\{83E8BE73-EBC2-4C75-B41D-C7CE30078312} => E:\POIbase\POIbase.exe
Task: {9C5CD000-4D7A-4762-885C-D21E0FFD87D8} - System32\Tasks\{021D9944-64AF-4BC5-A0FB-1043595DA4C9} => E:\Samsung\Kies\Kies.exe [2014-07-25] (Samsung)
Task: {9F7305A3-3C12-4B20-B3DC-444ECFBD54CB} - System32\Tasks\{2E6D1EC6-5E73-495C-9BA8-4A7F3C064DB8} => E:\Corel\Corel Paint Shop Pro Photo.exe [2006-08-04] (Corel, Inc.)
Task: {B000513C-6D30-4001-8473-686277915EF5} - System32\Tasks\{030F87AC-D126-48DE-895C-FFFD6CDB8550} => C:\Program Files (x86)\POIbase\POIbase.exe
Task: {C545A85F-F781-4866-85DF-1654D368D899} - System32\Tasks\{C3D1880E-4E5D-4CD1-8A47-CB8D1F7EAD76} => C:\Program Files (x86)\Caplio Software\Capftpd.exe
Task: {C9073C3E-3234-4A10-8337-49DA770DAFF3} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {CCA1C39C-B0D6-4377-A83B-7E397127E707} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {D43D60F0-9E54-4E32-82E7-BC578B7B714E} - System32\Tasks\{1B3CA8FD-E938-49D7-9A14-9059E1F5A68C} => E:\CaplioG3\CaplioSoftware_R1V\RGateLXP.exe
Task: {E6BA6BCA-7630-48DD-9453-B28A21CFE80D} - System32\Tasks\{BA8A74DD-EC60-47D4-9C29-4247FD1FF0C3} => E:\BeckerCAD\PROGRAM\BCAD\Becker.exe
Task: {E75F9974-0DE3-4767-A24C-4904F2A759A8} - System32\Tasks\{780BB7C0-EF1C-42C4-913C-8A0624FACFAD} => E:\VR-NetWorld\VRNetWorld.exe [2014-01-30] ()
Task: {F75124E0-DB25-47A6-AE52-FA766E93AA0E} - System32\Tasks\Lexware-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [2010-09-15] (Haufe-Lexware GmbH & Co. KG)
Task: {FB9FEFBA-E336-44EE-A9A1-D8204D9176B4} - System32\Tasks\Gerhards Dateisicherung 15 0 => C:\Program Files (x86)\Nero\Nero BackItUp\NBCore.exe [2014-09-24] (Nero AG)
Task: {FF73E5F3-A9E2-4CD5-984D-2F23FA8A5205} - System32\Tasks\{A56529AB-0944-476C-97DA-5850F6D5E47B} => C:\Program Files (x86)\Dr. Regener\Streckenbuch\rsbstart.exe [2008-05-09] (GPSur Dr. Erhard Regener)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-11-18 14:40 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-29 20:48 - 2012-02-17 20:55 - 00193536 _____ () E:\WinRAR\rarext.dll
2010-12-16 09:11 - 2010-12-16 09:11 - 00020480 _____ () E:\ORICO\ORICO Tools\IovstRouteService_win7.exe
2011-07-26 11:21 - 2011-07-26 11:21 - 00222064 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
2014-10-12 14:16 - 2014-10-12 14:16 - 00700430 _____ () C:\Users\Gerhard\AppData\Roaming\InetStat\inetstat.exe
2011-12-23 14:35 - 2014-09-07 20:19 - 02640408 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2014-09-04 13:23 - 2014-09-04 13:23 - 00699704 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2014-09-04 13:23 - 2014-09-04 13:23 - 00487736 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tuavga.dll
2014-08-11 22:51 - 2014-08-11 22:50 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-09-04 13:23 - 2014-09-04 13:23 - 00837432 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2014-10-12 13:42 - 2014-10-12 13:42 - 00060453 _____ () C:\Windows\SysWOW64\CronODBCSprite\CronODBCSprite.exe
2010-05-26 18:19 - 2007-05-31 07:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2011-07-26 11:13 - 2011-07-26 11:13 - 00292720 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\sqlite3.dll
2011-07-26 11:13 - 2011-07-26 11:13 - 00079728 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\zlib125.dll
2011-07-26 11:13 - 2011-07-26 11:13 - 00015216 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui.dll
2014-10-11 17:37 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2014-08-11 22:51 - 2014-08-11 22:50 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2014-09-04 14:51 - 2014-09-04 14:51 - 00019968 _____ () E:\Adobe\Acrobat\locale\de_de\acrotray.deu
2014-09-24 16:41 - 2014-09-24 16:41 - 31842816 _____ () C:\Program Files (x86)\AVG\Framework\Common\libcef.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2011-12-22 18:11 - 2011-12-22 18:11 - 00471696 _____ () E:\Duden-Rechtschreibprüfung\adxloader.dll
2009-01-27 14:31 - 2009-01-27 14:31 - 00786432 _____ () E:\Duden-Rechtschreibprüfung\Interop.Access.dll
2009-01-27 14:31 - 2009-01-27 14:31 - 00950272 _____ () E:\Duden-Rechtschreibprüfung\Interop.Excel.dll
2009-01-27 14:31 - 2009-01-27 14:31 - 00065536 _____ () E:\Duden-Rechtschreibprüfung\Interop.FrontPage.dll
2009-01-27 14:31 - 2009-01-27 14:31 - 00286720 _____ () E:\Duden-Rechtschreibprüfung\Interop.Outlook.dll
2009-01-27 14:31 - 2009-01-27 14:31 - 00204800 _____ () E:\Duden-Rechtschreibprüfung\Interop.PowerPoint.dll
2009-01-27 14:31 - 2009-01-27 14:31 - 00495616 _____ () E:\Duden-Rechtschreibprüfung\Interop.Word.dll
2011-06-28 02:04 - 2011-06-28 02:04 - 00478208 _____ () C:\Program Files (x86)\Common Files\ScanSoft Shared\PDF7\OutlookAddin.dll
2011-06-28 02:03 - 2011-06-28 02:03 - 00276480 _____ () C:\Program Files (x86)\Common Files\ScanSoft Shared\PDF7\MailProcessor7.dll
2014-09-04 14:50 - 2014-09-04 14:50 - 02897304 _____ () E:\Adobe\PDFMaker\Common\AdobePDFMakerX.dll
2014-09-04 14:51 - 2014-09-04 14:51 - 01446400 _____ () E:\Adobe\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () E:\Office14\ADDINS\UmOutlookAddin.dll
2009-01-27 14:31 - 2009-01-27 14:31 - 00151552 _____ () E:\Duden-Rechtschreibprüfung\Interop.Office.dll
2011-10-05 10:32 - 2011-10-05 10:32 - 00118272 _____ () E:\Duden-Rechtschreibprüfung\MBControls.dll
2014-09-04 13:18 - 2014-09-04 13:18 - 00173368 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUBasic.bpl
2014-09-04 13:18 - 2014-09-04 13:18 - 00726328 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUKernel.bpl
2014-09-04 13:19 - 2014-09-04 13:19 - 10210104 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUComponents.bpl
2014-09-04 13:18 - 2014-09-04 13:18 - 00095032 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUTransl.bpl
2014-09-04 13:18 - 2014-09-04 13:18 - 00170296 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\PerlRegEx.bpl
2014-09-04 13:18 - 2014-09-04 13:18 - 00260408 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\XMLComponents.bpl
2014-09-04 13:18 - 2014-09-04 13:18 - 00559416 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\GR32_D6.bpl
2014-09-04 13:18 - 2014-09-04 13:18 - 00101688 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUShell.bpl
2014-09-04 13:18 - 2014-09-04 13:18 - 00054072 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxCoreD12.bpl
2014-09-04 13:18 - 2014-09-04 13:18 - 00069944 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxThemeD12.bpl
2014-09-04 13:19 - 2014-09-04 13:19 - 01076536 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\cxLibraryD12.bpl
2014-09-04 13:18 - 2014-09-04 13:18 - 00089400 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxGDIPlusD12.bpl
2014-09-04 13:19 - 2014-09-04 13:19 - 01374520 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxBarD12.bpl
2014-09-04 13:18 - 2014-09-04 13:18 - 00021304 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxComnD12.bpl
2014-09-04 13:18 - 2014-09-04 13:18 - 00063288 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TURar.bpl
2014-09-04 13:23 - 2014-09-04 13:23 - 00709944 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulngx.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:01C66DD9
AlternateDataStreams: C:\ProgramData\TEMP:0B9FB94D
AlternateDataStreams: C:\ProgramData\TEMP:A303874F
AlternateDataStreams: C:\ProgramData\TEMP:A4A25FD3
AlternateDataStreams: C:\ProgramData\TEMP:BD872EF0

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: KiesHelper => E:\Samsung\Kies\KiesHelper.exe /s                                                                                                                                                                                                                                       
MSCONFIG\startupreg: KiesTrayAgent => E:\Samsung\Kies\KiesTrayAgent.exe                                                                                                                                                                                                                                       
MSCONFIG\startupreg: SmBizcard => C:\Program Files (x86)\NewSoft\Presto! BizCard 6\SmBizcard.exe
MSCONFIG\startupreg: vspdfprsrv.exe => E:\PDFExperte\vspdfprsrv.exe --background

========================= Accounts: ==========================

Administrator (S-1-5-21-1256300535-3656786790-4203701623-500 - Administrator - Disabled)
Gast (S-1-5-21-1256300535-3656786790-4203701623-501 - Limited - Disabled) => C:\Users\Gast
Gerhard (S-1-5-21-1256300535-3656786790-4203701623-1001 - Administrator - Enabled) => C:\Users\Gerhard
HomeGroupUser$ (S-1-5-21-1256300535-3656786790-4203701623-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-1256300535-3656786790-4203701623-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2014 00:47:38 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/19/2014 00:47:38 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/19/2014 00:47:38 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/19/2014 00:47:38 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/19/2014 00:47:20 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/19/2014 00:47:20 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/19/2014 00:47:20 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/19/2014 00:47:20 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/19/2014 00:46:43 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)

Error: (10/19/2014 00:46:43 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
        Das System kann die angegebene Datei nicht finden.  (HRESULT : 0x80070002) (0x80070002)


System errors:
=============
Error: (10/19/2014 00:47:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 13 Mal passiert.

Error: (10/19/2014 00:47:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet:
%%2

Error: (10/19/2014 00:47:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 12 Mal passiert.

Error: (10/19/2014 00:47:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet:
%%2

Error: (10/19/2014 00:46:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 11 Mal passiert.

Error: (10/19/2014 00:46:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet:
%%2

Error: (10/19/2014 00:45:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 10 Mal passiert.

Error: (10/19/2014 00:45:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem Fehler beendet:
%%2

Error: (10/19/2014 00:42:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (10/19/2014 00:42:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.


Microsoft Office Sessions:
=========================
Error: (01/30/2013 10:01:40 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 30 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/23/2012 07:59:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/16/2012 08:57:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 381 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (01/18/2012 08:03:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 128 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/09/2012 08:02:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1036 seconds with 900 seconds of active time.  This session ended with a crash.

Error: (12/04/2011 01:31:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 24 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/23/2011 07:33:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 87 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (11/23/2011 07:31:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 132 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (11/22/2011 02:37:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6611.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3499 seconds with 600 seconds of active time.  This session ended with a crash.

Error: (10/07/2011 04:19:34 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 8692 seconds with 2640 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-10-09 16:28:18.337
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:18.009
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:15.513
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:15.186
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:12.692
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:12.359
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:09.884
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:09.552
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:07.071
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-09 16:28:06.747
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Percentage of memory in use: 53%
Total physical RAM: 4095.37 MB
Available physical RAM: 1915.57 MB
Total Pagefile: 8188.91 MB
Available Pagefile: 5759.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:146.48 GB) (Free:64.47 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Programme) (Fixed) (Total:244.14 GB) (Free:216.51 GB) NTFS
Drive f: (Daten) (Fixed) (Total:195.31 GB) (Free:82.48 GB) NTFS
Drive g: (Sicherung) (Fixed) (Total:112.7 GB) (Free:79.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=112.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

GerKK 19.10.2014 12:08
Trojaner auf dem Rechner,
 
und zuletzt der FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Gerhard (administrator) on GERHARD-PC on 19-10-2014 12:51:28
Running from G:\AdwareCleaner
Loaded Profiles: Gerhard & UpdatusUser (Available profiles: Gerhard & UpdatusUser & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
() E:\ORICO\ORICO Tools\IovstRouteService_win7.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
() C:\Users\Gerhard\AppData\Roaming\InetStat\inetstat.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(T-Com Bereich Endgeräte) E:\TOnline\OnlineControl\ocontrol.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Nuance Communications, Inc.) E:\PDF Create 7\PdfCreate7Hook.exe
(Nuance Communications, Inc.) E:\Nuance\PDFViewerPlus\pdfPro5Hook.exe
(Adobe Systems Inc.) E:\Adobe\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Nuance Communications, Inc.) E:\Nuance\PaperPort\PDFProFiltSrvPP.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Trinit-Soft) E:\USB Wächter\USBWService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Windows\SysWOW64\CronODBCSprite\CronODBCSprite.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) E:\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TURatingSynch.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2012-03-26] (VIA Technologies, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [380760 2013-07-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => E:\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [NsPrtMon] => C:\Program Files\NewSoft\Presto! PrintCentral\NsPrtMon.exe [42832 2009-09-11] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [PMSpeed] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.01\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-09-07] ()
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [OmniPage Preload] => E:\ScanSoft18\OmniPage18.exe [2987880 2011-08-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] => E:\PDF Create 7\pdfcreate7hook.exe [605032 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => E:\PDF Create 7\RegistryController.exe [140136 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => E:\Nuance\PaperPort\IndexSearch.exe [46368 2010-02-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => E:\Nuance\PDFViewerPlus\pdfpro5hook.exe [1369376 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => E:\Nuance\PDFViewerPlus\RegistryController.exe [62752 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Adobe\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424 2014-10-09] (APN)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1104912 2014-08-20] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [KiesPDLR] => E:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [KiesPreload] => E:\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [InetStat] => C:\Users\Gerhard\AppData\Roaming\InetStat\inetstat.exe [700430 2014-10-12] ()
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [TomTomHOME.exe] => "E:\TomTom HOME 2\TomTomHOMERunner.exe"
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [KiesHelper] => E:\Samsung\Kies\KiesHelper.exe /s
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [KiesPDLR] => E:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [OpAgent] => "OpAgent.exe" /agent
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [Duden Korrektor SysTray] => E:\Duden-Rechtschreibprüfung\DKTray.exe [347792 2011-12-23] (Expert System S.p.A.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1266712 2013-06-11] (AVG Secure Search)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\MountPoints2: {a4686039-67f6-11df-a1d0-806e6f6e6963} - K:\AUTORUN.EXE
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\MountPoints2: {b0dc9a48-a89c-11e1-9d81-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-18\...\Run: [Duden Korrektor SysTray] => E:\Duden-Rechtschreibprüfung\DKTray.exe [347792 2011-12-23] (Expert System S.p.A.)
IFEO\kies.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\kiesagent.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Office-Bibliothek-Direktsuche.lnk
ShortcutTarget: Office-Bibliothek-Direktsuche.lnk -> E:\Fremdwörterlexikon\PCLib.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnlineControl.lnk
ShortcutTarget: OnlineControl.lnk -> E:\TOnline\OnlineControl\ocontrol.exe (T-Com Bereich Endgeräte)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2012 Zahlungserinnerung.lnk
ShortcutTarget: Quicken 2012 Zahlungserinnerung.lnk -> C:\Windows\Installer\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> E:\VR-NetWorld\vrtoolcheckorder.exe (VR-NetWorld Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> E:\WISO2013\mshaktuell.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:16240
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://isearch.avg.com/?cid={0D4ACC5C-38CE-4F7D-AD5E-54266212ADC2}&mid=a43a809502ad47d18075d154d43bcf47-5dc7dab7a3820688bb38cbc250ac6ec4e6c96f07&lang=de&ds=tt014&pr=sa&d=2011-12-23 13:35:12&v=12.2.5.32&sap=hp
hxxp://www.microsoft.com/windows/ie/searchguide/de-de/default.mspx?dcsref=hxxp://runonce.msn.com/runonce2.aspx#
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=BDT3&ocid=bdtdhp
URLSearchHook: HKLM-x32 - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
URLSearchHook: HKCU - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=AC0AF970-ABE5-4AE2-989D-14A6F42B02E5&apn_sauid=3107F890-C314-4F1A-B0A5-F9A477BAE173
SearchScopes: HKCU - {65D51F5B-E716-48F8-AA2B-B0851599B02B} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {8C86B2E0-AD99-4008-9A1E-8526E0B00130} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={0D4ACC5C-38CE-4F7D-AD5E-54266212ADC2}&mid=a43a809502ad47d18075d154d43bcf47-5dc7dab7a3820688bb38cbc250ac6ec4e6c96f07&lang=de&ds=tt014&pr=sa&d=2011-12-23 13:35:12&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BrowseToolE0191 Toolbar -> {40c3cc16-7269-4b32-9531-17f2950fb06f} -> C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> E:\Nuance\PDFViewerPlus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> E:\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - E:\SteganosPM12\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - E:\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> E:\Adobe\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - E:\SteganosPM12\spmplugin3
FF Extension: Steganos Password Manager - E:\SteganosPM12\spmplugin3 [2010-06-02]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-09-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - E:\Adobe\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - E:\Adobe\Acrobat\Browser\WCFirefoxExtn [2012-04-05]
FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - E:\Mobile Master\ext\1
FF Extension: Mobile Master Add-In - E:\Mobile Master\ext\1 [2014-09-30]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [806704 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [994096 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-09-20] (APN LLC.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [846864 2014-08-20] (AVG Technologies CZ, s.r.o.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 CronODBCSprite; C:\Windows\SysWOW64\CronODBCSprite\CronODBCSprite.exe [60453 2014-10-12] () [File not signed]
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29552 2011-07-26] (Gladinet, INC)
R2 IovstRouterService; E:\ORICO\ORICO Tools\IovstRouteService_win7.exe [20480 2010-12-16] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 Microsoft Office Groove Audit Service; E:\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1723856 2014-09-18] (Micro-Star International)
S2 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [273248 2014-09-24] (Nero AG)
R2 PDFProFiltSrvPP; E:\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-02-11] (Nuance Communications, Inc.)
S3 TDslMgrService; E:\TOnline\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2538808 2014-09-04] (AVG Technologies)
R2 USBWaechter; E:\USB Wächter\USBWService.exe [2403840 2010-07-10] (Trinit-Soft) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S2 HPSLPSVC; C:\Users\Gerhard\AppData\Local\Temp\7zS5C53\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-07] (Avira Operations GmbH & Co. KG)
S2 CdaC15BA; C:\Windows\SysWOW64\drivers\CDAC15BA.SYS [8864 2011-06-17] () [File not signed]
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-10-25] (Devguru Co., Ltd)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-15] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2010-05-28] (Paragon Software Group)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-11-23] (Duplex Secure Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-08-28] (TuneUp Software)
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [256000 2012-03-26] (VIA Technologies, Inc.)
S3 cpuz132; \??\C:\Users\Gerhard\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 12:36 - 2014-10-19 12:36 - 00065536 ___HT () C:\Users\Gerhard\Documents\~Outlook.pst.tmp
2014-10-18 14:02 - 2014-10-19 12:51 - 00000000 ____D () C:\FRST
2014-10-18 13:17 - 2014-10-18 13:17 - 00000020 _____ () C:\Users\Gerhard\defogger_reenable
2014-10-18 11:14 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-18 11:14 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-18 10:46 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 10:46 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 09:40 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-18 09:40 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-18 09:38 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-18 09:38 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-18 09:38 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-18 09:38 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-18 09:10 - 2014-10-19 12:33 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-18 09:09 - 2014-10-18 09:09 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-18 09:09 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-18 09:09 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-18 09:09 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-17 19:19 - 2014-10-17 19:19 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\CheckCode
2014-10-12 14:16 - 2014-10-12 14:16 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-10-12 14:16 - 2014-10-12 14:16 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\InetStat
2014-10-12 14:00 - 2014-10-12 14:00 - 00301608 _____ (VuuPC Limited) C:\Users\Gerhard\AppData\Local\nsc91A4.tmp
2014-10-12 14:00 - 2014-10-12 14:00 - 00000830 _____ () C:\Users\Gerhard\Desktop\Continue VuuPC Installation.lnk
2014-10-12 13:42 - 2014-10-12 13:42 - 00000000 ____D () C:\Windows\SysWOW64\CronODBCSprite
2014-10-12 13:35 - 2014-10-18 12:29 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\StormWatch
2014-10-11 17:37 - 2014-10-11 17:37 - 00002041 _____ () C:\Users\Public\Desktop\MSI Live Update 6.lnk
2014-10-11 17:37 - 2014-10-11 17:37 - 00000000 ____D () C:\MSILU
2014-10-10 12:03 - 2014-10-10 12:07 - 00000000 ____D () C:\Users\Gerhard\HDR Projects
2014-10-10 12:02 - 2014-10-10 12:02 - 00000726 _____ () C:\Users\Public\Desktop\HDR Projects platin (64-Bit).lnk
2014-10-10 12:02 - 2014-10-10 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2014-10-09 20:24 - 2014-10-09 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-09 20:16 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-09 20:16 - 2014-07-02 12:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-09 18:46 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-10-09 18:46 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-09 18:46 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-09 18:46 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-10-09 18:46 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-10-09 18:46 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-09 18:46 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-09 18:46 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-09 18:46 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-10-09 18:46 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-10-09 18:46 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-10-09 18:46 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-10-09 18:46 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-09 18:46 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-09 18:46 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-09 18:46 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-09 16:34 - 2014-10-09 16:34 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-10-09 16:34 - 2014-10-09 16:34 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-10-09 16:28 - 2014-10-09 16:28 - 00000710 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-10-09 16:27 - 2013-12-30 03:54 - 00233472 _____ (Teruten) C:\Windows\SysWOW64\FsUsbExService.Exe
2014-10-09 16:27 - 2013-12-30 03:54 - 00037344 _____ () C:\Windows\SysWOW64\FsUsbExDisk.Sys
2014-10-09 16:27 - 2013-12-30 03:54 - 00037344 _____ () C:\Windows\SysWOW64\FsUsbExDisk.Sy_
2014-10-09 16:27 - 2011-11-29 17:40 - 00110592 _____ () C:\Windows\SysWOW64\FsUsbExDevice.Dll
2014-10-09 15:32 - 2014-10-09 19:57 - 00002841 _____ () C:\Users\Public\Desktop\Nero 2015.lnk
2014-10-09 15:30 - 2014-10-09 19:59 - 00002115 _____ () C:\Users\Public\Desktop\Nero MediaHome.lnk
2014-10-09 15:22 - 2014-10-09 15:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\3DIS GmbH
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebViewer
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\ProgramData\3DIS GmbH
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\Program Files (x86)\WebViewer
2014-10-05 10:32 - 2014-10-05 10:32 - 00000901 _____ () C:\Users\Public\Desktop\QuickLOAD De-Installation.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000627 _____ () C:\Users\Public\Desktop\QuickLOAD Liste der Messläufe.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000615 _____ () C:\Users\Public\Desktop\QuickTARGET Unlimited Handbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000608 _____ () C:\Users\Public\Desktop\QuickTARGET Benutzerhandbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000604 _____ () C:\Users\Public\Desktop\QuickLOAD Benutzerhandbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000596 _____ () C:\Users\Public\Desktop\QuickLOAD Wichtig!.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000592 _____ () C:\Users\Public\Desktop\QuickTARGETUnlimited.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000577 _____ () C:\Users\Public\Desktop\QuickTARGET.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000573 _____ () C:\Users\Public\Desktop\QuickLOAD.lnk
2014-10-05 10:29 - 2014-10-05 10:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickLOAD
2014-10-05 10:29 - 2012-02-16 15:46 - 00139264 _____ (Axis Controls Ltd) C:\Windows\SysWOW64\SComm32.ocx
2014-10-05 08:46 - 2014-10-05 08:46 - 00002114 _____ () C:\Users\Gerhard\Desktop\AVG 1-Klick-Wartung.lnk
2014-10-01 09:19 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 09:19 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 16:31 - 2014-09-30 16:31 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Mobile Master
2014-09-30 14:07 - 2014-09-30 14:07 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-09-30 14:01 - 2014-10-02 13:13 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Mobile Master
2014-09-30 14:01 - 2014-09-30 14:01 - 00000000 ____D () C:\ProgramData\Mobile Master
2014-09-30 14:00 - 2014-09-30 14:00 - 00000688 _____ () C:\Users\Public\Desktop\Mobile Master.lnk
2014-09-30 14:00 - 2014-09-30 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Master
2014-09-30 13:59 - 2014-09-30 13:59 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Jumping Bytes
2014-09-30 09:59 - 2014-09-30 09:59 - 00002969 _____ () C:\Users\Public\Desktop\Nero BackItUp.lnk
2014-09-25 13:38 - 2014-09-25 13:38 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-09-24 18:56 - 2014-09-24 18:56 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-09-24 18:40 - 2014-09-24 18:40 - 00002223 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2014-09-24 18:40 - 2014-09-24 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2014-09-24 18:40 - 2014-09-04 13:23 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2014-09-24 18:40 - 2014-09-04 13:23 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2014-09-24 18:40 - 2014-09-04 13:23 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2014-09-24 18:39 - 2014-09-24 18:39 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\AVG
2014-09-24 16:55 - 2014-09-24 16:55 - 00000936 _____ () C:\Users\Public\Desktop\AVG.lnk
2014-09-24 16:55 - 2014-09-24 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2014-09-24 14:57 - 2014-10-05 09:48 - 00000000 ____D () C:\ProgramData\Avg
2014-09-24 14:57 - 2014-09-24 18:39 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-09-24 14:44 - 2014-09-24 18:39 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Avg
2014-09-24 14:44 - 2014-09-24 18:36 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\AvgSetupLog
2014-09-24 09:31 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 09:31 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 08:24 - 2014-09-24 08:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VR-IBAN-Konverter

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 12:47 - 2012-04-22 15:09 - 55886848 _____ () C:\Users\Gerhard\Documents\Outlook.pst
2014-10-19 12:39 - 2009-07-14 06:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-19 12:39 - 2009-07-14 06:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-19 12:29 - 2010-08-30 18:43 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-19 12:28 - 2013-08-05 07:38 - 00020591 _____ () C:\Windows\setupact.log
2014-10-19 12:28 - 2010-06-30 10:15 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-19 12:28 - 2010-05-27 12:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-19 12:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-18 14:24 - 2010-05-25 14:16 - 01888489 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 14:08 - 2012-04-02 18:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-18 14:08 - 2010-06-30 10:15 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-18 13:18 - 2013-08-05 07:38 - 03758278 _____ () C:\Windows\PFRO.log
2014-10-18 13:17 - 2010-05-25 14:24 - 00000000 ____D () C:\Users\Gerhard
2014-10-18 12:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Vss
2014-10-18 12:29 - 2010-09-30 20:32 - 00000000 ____D () C:\Program Files (x86)\Winload
2014-10-18 11:00 - 2013-08-05 07:38 - 00505416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 10:20 - 2010-05-25 17:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-18 10:12 - 2013-08-01 19:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 10:11 - 2009-07-14 19:58 - 00702942 _____ () C:\Windows\system32\perfh007.dat
2014-10-18 10:11 - 2009-07-14 19:58 - 00150582 _____ () C:\Windows\system32\perfc007.dat
2014-10-18 10:11 - 2009-07-14 07:13 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-18 09:53 - 2010-05-25 19:47 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-17 19:42 - 2010-05-25 14:24 - 00000000 __SHD () C:\Recovery
2014-10-17 19:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-11 17:37 - 2013-04-22 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2014-10-11 17:37 - 2013-04-22 15:18 - 00000000 ____D () C:\Program Files (x86)\MSI
2014-10-11 17:07 - 2010-05-26 15:28 - 00013030 _____ () C:\Users\Public\PDOXUSRS.NET
2014-10-10 11:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-09 20:16 - 2011-06-25 15:15 - 00000000 ____D () C:\Temp
2014-10-09 20:16 - 2010-07-18 15:22 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-09 19:59 - 2012-01-14 15:20 - 00002924 _____ () C:\Windows\System32\Tasks\{30E14213-C4CA-4811-9144-5CF8007FFA2E}
2014-10-09 19:59 - 2011-12-23 16:24 - 00002924 _____ () C:\Windows\System32\Tasks\{FC43D33C-9413-48F6-8749-E800708016B1}
2014-10-09 19:59 - 2011-10-28 13:18 - 00002924 _____ () C:\Windows\System32\Tasks\{699649F9-5C0D-4FD7-AD24-617669546763}
2014-10-09 19:59 - 2011-10-28 13:06 - 00002924 _____ () C:\Windows\System32\Tasks\{021D9944-64AF-4BC5-A0FB-1043595DA4C9}
2014-10-09 19:59 - 2010-06-01 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-10-09 18:46 - 2010-05-27 12:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-09 18:20 - 2010-06-15 11:44 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Nero
2014-10-09 16:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-09 16:37 - 2011-06-25 18:45 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-10-09 15:57 - 2010-06-01 12:33 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Nero
2014-10-09 15:33 - 2010-06-01 12:25 - 00000000 ____D () C:\ProgramData\Nero
2014-10-08 13:33 - 2010-05-25 14:36 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Corel
2014-10-08 13:32 - 2010-06-01 13:53 - 00000000 ____D () C:\VueScan
2014-10-08 13:32 - 2010-05-25 14:36 - 00001838 ___SH () C:\Windows\SysWOW64\KGyGaAvL.sys
2014-10-08 13:32 - 2010-05-25 14:36 - 00000000 ____D () C:\Users\Gerhard\Documents\Meine PSP-Dateien
2014-10-07 20:25 - 2012-09-13 17:09 - 00000000 ____D () C:\Users\Public\Documents\Quickload
2014-10-07 11:21 - 2013-11-25 19:18 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-07 11:21 - 2013-11-25 19:18 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-07 11:21 - 2013-11-25 19:18 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-05 09:52 - 2013-08-04 13:24 - 00146736 _____ () C:\Users\Gerhard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-30 19:35 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-30 09:59 - 2013-10-20 13:58 - 00003726 _____ () C:\Windows\System32\Tasks\Gerhards Dateisicherung 15 0
2014-09-30 09:59 - 2010-08-25 16:19 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-09-24 08:26 - 2013-12-01 20:26 - 00000041 _____ () C:\Users\Public\IK_PosLen.dat
2014-09-24 08:24 - 2013-05-28 15:59 - 00001569 _____ () C:\Users\Public\Desktop\VR-IBAN-Konverter.lnk
2014-09-24 08:23 - 2013-05-28 15:57 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\VR-IK
2014-09-23 21:10 - 2012-04-02 18:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 21:10 - 2012-04-02 18:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 21:10 - 2011-05-20 13:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-21 15:29 - 2011-11-23 14:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00002507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Standard.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00001559 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Standard.lnk

Files to move or delete:
====================
C:\Users\Public\IK_PosLen.dat
C:\Users\Public\VR-IBAN-Konverter.dat


Some content of TEMP:
====================
C:\Users\Gerhard\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 16:07

==================== End Of Log ============================
--- --- ---

schrauber 20.10.2014 07:34
hi,

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

GerKK 20.10.2014 11:25
Trojaner auf dem Rechner
 
Guten Tag Schrauber, sorry das es etwas länger gedauert hat. Anbei die gewünschten Dateien
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 20.10.2014
Suchlauf-Zeit: 10:02:06
Logdatei: mbam201014.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.10.20.02
Rootkit Datenbank: v2014.10.17.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Gerhard

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 462688
Verstrichene Zeit: 25 Min, 7 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Gerhard (administrator) on GERHARD-PC on 18-10-2014 14:02:46
Running from G:\AdwareCleaner
Loaded Profiles: Gerhard & UpdatusUser (Available profiles: Gerhard & UpdatusUser & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
() C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\FirmwareFreewareMacro.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
() E:\ORICO\ORICO Tools\IovstRouteService_win7.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
(Nuance Communications, Inc.) E:\Nuance\PaperPort\PDFProFiltSrvPP.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Trinit-Soft) E:\USB Wächter\USBWService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
() C:\Users\Gerhard\AppData\Roaming\InetStat\inetstat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(T-Com Bereich Endgeräte) E:\TOnline\OnlineControl\ocontrol.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Nuance Communications, Inc.) E:\PDF Create 7\PdfCreate7Hook.exe
(Nuance Communications, Inc.) E:\Nuance\PDFViewerPlus\pdfPro5Hook.exe
(Adobe Systems Inc.) E:\Adobe\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
() C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\LogNetRoot.exe
() C:\Windows\SysWOW64\CronODBCSprite\CronODBCSprite.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2012-03-26] (VIA Technologies, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [380760 2013-07-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => E:\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [NsPrtMon] => C:\Program Files\NewSoft\Presto! PrintCentral\NsPrtMon.exe [42832 2009-09-11] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [PMSpeed] => C:\Program Files (x86)\NewSoft\Presto! PageManager 9.01\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-09-07] ()
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [OmniPage Preload] => E:\ScanSoft18\OmniPage18.exe [2987880 2011-08-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] => E:\PDF Create 7\pdfcreate7hook.exe [605032 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => E:\PDF Create 7\RegistryController.exe [140136 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => E:\Nuance\PaperPort\IndexSearch.exe [46368 2010-02-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => E:\Nuance\PDFViewerPlus\pdfpro5hook.exe [1369376 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => E:\Nuance\PDFViewerPlus\RegistryController.exe [62752 2010-02-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Adobe\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424 2014-10-09] (APN)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1104912 2014-08-20] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [KiesPDLR] => E:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [KiesPreload] => E:\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1001\...\Run: [InetStat] => C:\Users\Gerhard\AppData\Roaming\InetStat\inetstat.exe [700430 2014-10-12] ()
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [TomTomHOME.exe] => "E:\TomTom HOME 2\TomTomHOMERunner.exe"
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [KiesHelper] => E:\Samsung\Kies\KiesHelper.exe /s
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [KiesPDLR] => E:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [OpAgent] => "OpAgent.exe" /agent
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [Duden Korrektor SysTray] => E:\Duden-Rechtschreibprüfung\DKTray.exe [347792 2011-12-23] (Expert System S.p.A.)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1266712 2013-06-11] (AVG Secure Search)
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\MountPoints2: {a4686039-67f6-11df-a1d0-806e6f6e6963} - K:\AUTORUN.EXE
HKU\S-1-5-21-1256300535-3656786790-4203701623-1005\...\MountPoints2: {b0dc9a48-a89c-11e1-9d81-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-18\...\Run: [Duden Korrektor SysTray] => E:\Duden-Rechtschreibprüfung\DKTray.exe [347792 2011-12-23] (Expert System S.p.A.)
IFEO\kies.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\kiesagent.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Office-Bibliothek-Direktsuche.lnk
ShortcutTarget: Office-Bibliothek-Direktsuche.lnk -> E:\Fremdwörterlexikon\PCLib.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OnlineControl.lnk
ShortcutTarget: OnlineControl.lnk -> E:\TOnline\OnlineControl\ocontrol.exe (T-Com Bereich Endgeräte)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2012 Zahlungserinnerung.lnk
ShortcutTarget: Quicken 2012 Zahlungserinnerung.lnk -> C:\Windows\Installer\{2FC7CE3A-23E5-41E8-975B-AA0236D649FD}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> E:\VR-NetWorld\vrtoolcheckorder.exe (VR-NetWorld Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> E:\WISO2013\mshaktuell.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> E:\TOnline\DslMgr.exe (T-Systems Enterprise Services GmbH)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:36169
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://isearch.avg.com/?cid={0D4ACC5C-38CE-4F7D-AD5E-54266212ADC2}&mid=a43a809502ad47d18075d154d43bcf47-5dc7dab7a3820688bb38cbc250ac6ec4e6c96f07&lang=de&ds=tt014&pr=sa&d=2011-12-23 13:35:12&v=12.2.5.32&sap=hp
hxxp://www.microsoft.com/windows/ie/searchguide/de-de/default.mspx?dcsref=hxxp://runonce.msn.com/runonce2.aspx#
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=BDT3&ocid=bdtdhp
URLSearchHook: HKLM-x32 - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
URLSearchHook: HKCU - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=AC0AF970-ABE5-4AE2-989D-14A6F42B02E5&apn_sauid=3107F890-C314-4F1A-B0A5-F9A477BAE173
SearchScopes: HKCU - {65D51F5B-E716-48F8-AA2B-B0851599B02B} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {8C86B2E0-AD99-4008-9A1E-8526E0B00130} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={0D4ACC5C-38CE-4F7D-AD5E-54266212ADC2}&mid=a43a809502ad47d18075d154d43bcf47-5dc7dab7a3820688bb38cbc250ac6ec4e6c96f07&lang=de&ds=tt014&pr=sa&d=2011-12-23 13:35:12&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BrowseToolE0191 Toolbar -> {40c3cc16-7269-4b32-9531-17f2950fb06f} -> C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> E:\Nuance\PDFViewerPlus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> E:\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - BrowseToolE0191 Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - E:\SteganosPM12\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - E:\PDF Create 7\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> E:\Adobe\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - E:\SteganosPM12\spmplugin3
FF Extension: Steganos Password Manager - E:\SteganosPM12\spmplugin3 [2010-06-02]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-09-07]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - E:\Adobe\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - E:\Adobe\Acrobat\Browser\WCFirefoxExtn [2012-04-05]
FF HKLM-x32\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - E:\Mobile Master\ext\1
FF Extension: Mobile Master Add-In - E:\Mobile Master\ext\1 [2014-09-30]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [806704 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [994096 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-09-20] (APN LLC.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [846864 2014-08-20] (AVG Technologies CZ, s.r.o.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 CronODBCSprite; C:\Windows\SysWOW64\CronODBCSprite\CronODBCSprite.exe [60453 2014-10-12] () [File not signed]
R2 FirmwareFreewareMacro.exe; C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro\FirmwareFreewareMacro.exe [129061 2014-10-12] () [File not signed]
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29552 2011-07-26] (Gladinet, INC)
R2 IovstRouterService; E:\ORICO\ORICO Tools\IovstRouteService_win7.exe [20480 2010-12-16] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 Microsoft Office Groove Audit Service; E:\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1723856 2014-09-18] (Micro-Star International)
R2 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [273248 2014-09-24] (Nero AG)
R2 PDFProFiltSrvPP; E:\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-02-11] (Nuance Communications, Inc.)
S3 TDslMgrService; E:\TOnline\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2538808 2014-09-04] (AVG Technologies)
R2 USBWaechter; E:\USB Wächter\USBWService.exe [2403840 2010-07-10] (Trinit-Soft) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S2 HPSLPSVC; C:\Users\Gerhard\AppData\Local\Temp\7zS5C53\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-10-07] (Avira Operations GmbH & Co. KG)
S2 CdaC15BA; C:\Windows\SysWOW64\drivers\CDAC15BA.SYS [8864 2011-06-17] () [File not signed]
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-10-25] (Devguru Co., Ltd)
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [19008 2007-08-01] (T-Systems Enterprise Services GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-15] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2010-05-28] (Paragon Software Group)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-11-23] (Duplex Secure Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-08-28] (TuneUp Software)
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [256000 2012-03-26] (VIA Technologies, Inc.)
S3 cpuz132; \??\C:\Users\Gerhard\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 14:02 - 2014-10-18 14:02 - 00000000 ____D () C:\FRST
2014-10-18 13:17 - 2014-10-18 13:17 - 00000020 _____ () C:\Users\Gerhard\defogger_reenable
2014-10-18 11:14 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-18 11:14 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-18 10:46 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 10:46 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 10:46 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 09:40 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-18 09:40 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-18 09:38 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-18 09:38 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-18 09:38 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-18 09:38 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-18 09:10 - 2014-10-18 13:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-18 09:09 - 2014-10-18 09:09 - 00001112 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-18 09:09 - 2014-10-18 09:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-18 09:09 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-18 09:09 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-18 09:09 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-17 19:19 - 2014-10-17 19:19 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\CheckCode
2014-10-12 14:16 - 2014-10-12 14:16 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-10-12 14:16 - 2014-10-12 14:16 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\InetStat
2014-10-12 14:00 - 2014-10-12 14:00 - 00301608 _____ (VuuPC Limited) C:\Users\Gerhard\AppData\Local\nsc91A4.tmp
2014-10-12 14:00 - 2014-10-12 14:00 - 00000830 _____ () C:\Users\Gerhard\Desktop\Continue VuuPC Installation.lnk
2014-10-12 13:42 - 2014-10-12 14:14 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\FirmwareFreewareMacro
2014-10-12 13:42 - 2014-10-12 13:42 - 00000000 ____D () C:\Windows\SysWOW64\CronODBCSprite
2014-10-12 13:35 - 2014-10-18 12:29 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\StormWatch
2014-10-11 17:37 - 2014-10-11 17:37 - 00002041 _____ () C:\Users\Public\Desktop\MSI Live Update 6.lnk
2014-10-11 17:37 - 2014-10-11 17:37 - 00000000 ____D () C:\MSILU
2014-10-10 12:03 - 2014-10-10 12:07 - 00000000 ____D () C:\Users\Gerhard\HDR Projects
2014-10-10 12:02 - 2014-10-10 12:02 - 00000726 _____ () C:\Users\Public\Desktop\HDR Projects platin (64-Bit).lnk
2014-10-10 12:02 - 2014-10-10 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2014-10-09 20:24 - 2014-10-09 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-09 20:16 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-09 20:16 - 2014-07-02 12:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-09 18:46 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-10-09 18:46 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-09 18:46 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-09 18:46 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-10-09 18:46 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-10-09 18:46 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-09 18:46 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-09 18:46 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-09 18:46 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-10-09 18:46 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-10-09 18:46 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-10-09 18:46 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-10-09 18:46 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-09 18:46 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-09 18:46 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-09 18:46 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-09 16:34 - 2014-10-09 16:34 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-10-09 16:34 - 2014-10-09 16:34 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-10-09 16:28 - 2014-10-09 16:28 - 00000710 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-10-09 16:27 - 2013-12-30 03:54 - 00233472 _____ (Teruten) C:\Windows\SysWOW64\FsUsbExService.Exe
2014-10-09 16:27 - 2013-12-30 03:54 - 00037344 _____ () C:\Windows\SysWOW64\FsUsbExDisk.Sys
2014-10-09 16:27 - 2013-12-30 03:54 - 00037344 _____ () C:\Windows\SysWOW64\FsUsbExDisk.Sy_
2014-10-09 16:27 - 2011-11-29 17:40 - 00110592 _____ () C:\Windows\SysWOW64\FsUsbExDevice.Dll
2014-10-09 15:32 - 2014-10-09 19:57 - 00002841 _____ () C:\Users\Public\Desktop\Nero 2015.lnk
2014-10-09 15:30 - 2014-10-09 19:59 - 00002115 _____ () C:\Users\Public\Desktop\Nero MediaHome.lnk
2014-10-09 15:22 - 2014-10-09 15:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\3DIS GmbH
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebViewer
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\ProgramData\3DIS GmbH
2014-10-05 17:57 - 2014-10-05 17:57 - 00000000 ____D () C:\Program Files (x86)\WebViewer
2014-10-05 10:32 - 2014-10-05 10:32 - 00000901 _____ () C:\Users\Public\Desktop\QuickLOAD De-Installation.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000627 _____ () C:\Users\Public\Desktop\QuickLOAD Liste der Messläufe.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000615 _____ () C:\Users\Public\Desktop\QuickTARGET Unlimited Handbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000608 _____ () C:\Users\Public\Desktop\QuickTARGET Benutzerhandbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000604 _____ () C:\Users\Public\Desktop\QuickLOAD Benutzerhandbuch.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000596 _____ () C:\Users\Public\Desktop\QuickLOAD Wichtig!.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000592 _____ () C:\Users\Public\Desktop\QuickTARGETUnlimited.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000577 _____ () C:\Users\Public\Desktop\QuickTARGET.lnk
2014-10-05 10:32 - 2014-10-05 10:32 - 00000573 _____ () C:\Users\Public\Desktop\QuickLOAD.lnk
2014-10-05 10:29 - 2014-10-05 10:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickLOAD
2014-10-05 10:29 - 2012-02-16 15:46 - 00139264 _____ (Axis Controls Ltd) C:\Windows\SysWOW64\SComm32.ocx
2014-10-05 08:46 - 2014-10-05 08:46 - 00002114 _____ () C:\Users\Gerhard\Desktop\AVG 1-Klick-Wartung.lnk
2014-10-01 09:19 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 09:19 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 16:31 - 2014-09-30 16:31 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Mobile Master
2014-09-30 14:07 - 2014-09-30 14:07 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-09-30 14:01 - 2014-10-02 13:13 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Mobile Master
2014-09-30 14:01 - 2014-09-30 14:01 - 00000000 ____D () C:\ProgramData\Mobile Master
2014-09-30 14:00 - 2014-09-30 14:00 - 00000688 _____ () C:\Users\Public\Desktop\Mobile Master.lnk
2014-09-30 14:00 - 2014-09-30 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Master
2014-09-30 13:59 - 2014-09-30 13:59 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Jumping Bytes
2014-09-30 09:59 - 2014-09-30 09:59 - 00002969 _____ () C:\Users\Public\Desktop\Nero BackItUp.lnk
2014-09-25 13:38 - 2014-09-25 13:38 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-09-24 18:56 - 2014-09-24 18:56 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-09-24 18:40 - 2014-09-24 18:40 - 00002223 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2014-09-24 18:40 - 2014-09-24 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015
2014-09-24 18:40 - 2014-09-04 13:23 - 00040248 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2014-09-24 18:40 - 2014-09-04 13:23 - 00029496 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2014-09-24 18:40 - 2014-09-04 13:23 - 00025400 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2014-09-24 18:39 - 2014-09-24 18:39 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\AVG
2014-09-24 16:55 - 2014-09-24 16:55 - 00000936 _____ () C:\Users\Public\Desktop\AVG.lnk
2014-09-24 16:55 - 2014-09-24 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2014-09-24 14:57 - 2014-10-05 09:48 - 00000000 ____D () C:\ProgramData\Avg
2014-09-24 14:57 - 2014-09-24 18:39 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-09-24 14:44 - 2014-09-24 18:39 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Avg
2014-09-24 14:44 - 2014-09-24 18:36 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\AvgSetupLog
2014-09-24 09:31 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 09:31 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-24 08:24 - 2014-09-24 08:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VR-IBAN-Konverter

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-18 13:29 - 2009-07-14 06:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-18 13:29 - 2009-07-14 06:45 - 00023392 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-18 13:21 - 2010-08-30 18:43 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-18 13:20 - 2010-06-30 10:15 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-18 13:18 - 2013-08-05 07:38 - 03758278 _____ () C:\Windows\PFRO.log
2014-10-18 13:18 - 2013-08-05 07:38 - 00020423 _____ () C:\Windows\setupact.log
2014-10-18 13:18 - 2010-05-27 12:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-18 13:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-18 13:17 - 2010-05-25 14:24 - 00000000 ____D () C:\Users\Gerhard
2014-10-18 13:17 - 2010-05-25 14:16 - 01845369 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 13:08 - 2012-04-02 18:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-18 13:06 - 2010-06-30 10:15 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-18 12:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Vss
2014-10-18 12:29 - 2010-09-30 20:32 - 00000000 ____D () C:\Program Files (x86)\Winload
2014-10-18 11:55 - 2012-04-22 15:09 - 55886848 _____ () C:\Users\Gerhard\Documents\Outlook.pst
2014-10-18 11:00 - 2013-08-05 07:38 - 00505416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 10:20 - 2010-05-25 17:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-18 10:12 - 2013-08-01 19:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 10:11 - 2009-07-14 19:58 - 00702942 _____ () C:\Windows\system32\perfh007.dat
2014-10-18 10:11 - 2009-07-14 19:58 - 00150582 _____ () C:\Windows\system32\perfc007.dat
2014-10-18 10:11 - 2009-07-14 07:13 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-18 09:53 - 2010-05-25 19:47 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-17 19:42 - 2010-05-25 14:24 - 00000000 __SHD () C:\Recovery
2014-10-17 19:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-11 17:37 - 2013-04-22 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2014-10-11 17:37 - 2013-04-22 15:18 - 00000000 ____D () C:\Program Files (x86)\MSI
2014-10-11 17:07 - 2010-05-26 15:28 - 00013030 _____ () C:\Users\Public\PDOXUSRS.NET
2014-10-10 11:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-09 20:16 - 2011-06-25 15:15 - 00000000 ____D () C:\Temp
2014-10-09 20:16 - 2010-07-18 15:22 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-09 19:59 - 2012-01-14 15:20 - 00002924 _____ () C:\Windows\System32\Tasks\{30E14213-C4CA-4811-9144-5CF8007FFA2E}
2014-10-09 19:59 - 2011-12-23 16:24 - 00002924 _____ () C:\Windows\System32\Tasks\{FC43D33C-9413-48F6-8749-E800708016B1}
2014-10-09 19:59 - 2011-10-28 13:18 - 00002924 _____ () C:\Windows\System32\Tasks\{699649F9-5C0D-4FD7-AD24-617669546763}
2014-10-09 19:59 - 2011-10-28 13:06 - 00002924 _____ () C:\Windows\System32\Tasks\{021D9944-64AF-4BC5-A0FB-1043595DA4C9}
2014-10-09 19:59 - 2010-06-01 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-10-09 18:46 - 2010-05-27 12:04 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-10-09 18:20 - 2010-06-15 11:44 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Nero
2014-10-09 16:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-09 16:37 - 2011-06-25 18:45 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-10-09 15:57 - 2010-06-01 12:33 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Nero
2014-10-09 15:33 - 2010-06-01 12:25 - 00000000 ____D () C:\ProgramData\Nero
2014-10-08 13:33 - 2010-05-25 14:36 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Corel
2014-10-08 13:32 - 2010-06-01 13:53 - 00000000 ____D () C:\VueScan
2014-10-08 13:32 - 2010-05-25 14:36 - 00001838 ___SH () C:\Windows\SysWOW64\KGyGaAvL.sys
2014-10-08 13:32 - 2010-05-25 14:36 - 00000000 ____D () C:\Users\Gerhard\Documents\Meine PSP-Dateien
2014-10-07 20:25 - 2012-09-13 17:09 - 00000000 ____D () C:\Users\Public\Documents\Quickload
2014-10-07 11:21 - 2013-11-25 19:18 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-07 11:21 - 2013-11-25 19:18 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-07 11:21 - 2013-11-25 19:18 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-05 09:52 - 2013-08-04 13:24 - 00146736 _____ () C:\Users\Gerhard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-30 19:35 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-30 09:59 - 2013-10-20 13:58 - 00003726 _____ () C:\Windows\System32\Tasks\Gerhards Dateisicherung 15 0
2014-09-30 09:59 - 2010-08-25 16:19 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-09-24 08:26 - 2013-12-01 20:26 - 00000041 _____ () C:\Users\Public\IK_PosLen.dat
2014-09-24 08:24 - 2013-05-28 15:59 - 00001569 _____ () C:\Users\Public\Desktop\VR-IBAN-Konverter.lnk
2014-09-24 08:23 - 2013-05-28 15:57 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\VR-IK
2014-09-23 21:10 - 2012-04-02 18:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 21:10 - 2012-04-02 18:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 21:10 - 2011-05-20 13:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-21 15:29 - 2011-11-23 14:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00002507 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Standard.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-09-21 13:06 - 2012-04-05 19:54 - 00001559 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Standard.lnk

Files to move or delete:
====================
C:\Users\Public\IK_PosLen.dat
C:\Users\Public\VR-IBAN-Konverter.dat


Some content of TEMP:
====================
C:\Users\Gerhard\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 16:07

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Home Premium x64
Ran by Gerhard on 20.10.2014 at 12:10:12,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Gerhard\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Gerhard\appdata\local\tempdir"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.10.2014 at 12:15:44,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Home Premium x64
Ran by Gerhard on 20.10.2014 at 12:10:12,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Gerhard\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Gerhard\appdata\local\tempdir"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.10.2014 at 12:15:44,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
# AdwCleaner v4.000 - Bericht erstellt am 20/10/2014 um 11:57:48
# DB v
# Aktualisiert 12/10/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Gerhard - GERHARD-PC
# Gestartet von : C:\Users\Gerhard\Desktop\AdwCleaner_4.000.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : APNMCP

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\Users\Gerhard\AppData\Local\Temp\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\Users\Gerhard\AppData\Local\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Users\Gast\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Gerhard\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Gerhard\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\AVG Security Toolbar
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Gerhard\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Users\Gerhard\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Gerhard\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Gerhard\AppData\Roaming\InetStat
Ordner Gelöscht : C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Gerhard\AppData\Roaming\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Gerhard\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\Viewpoint
Ordner Gelöscht : C:\Program Files (x86)\Winload
Ordner Gelöscht : C:\Users\Gerhard\AppData\LocalLow\Winload
Datei Gelöscht : C:\Users\Gerhard\Desktop\Continue VuuPC Installation.lnk

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [InetStat]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbarNRO_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskToolbarNRO_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cocreate-modeling_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cocreate-modeling_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_inkscape_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_inkscape_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_nasa-world-wind_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_nasa-world-wind_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{40C3CC16-7269-4B32-9531-17F2950FB06F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1D98465-B943-423C-8FB0-58982BD2BA98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{39766CCA-1CEC-4E81-BF91-6A96CD49DA62}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40C3CC16-7269-4B32-9531-17F2950FB06F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{40C3CC16-7269-4B32-9531-17F2950FB06F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1D98465-B943-423C-8FB0-58982BD2BA98}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39766CCA-1CEC-4E81-BF91-6A96CD49DA62}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{40C3CC16-7269-4B32-9531-17F2950FB06F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1D98465-B943-423C-8FB0-58982BD2BA98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{39766CCA-1CEC-4E81-BF91-6A96CD49DA62}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72523A0C-9E04-4FE3-B8D4-4E497605126E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4DCAEE91-23A6-493F-96BD-B1F324DEFF7A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\winload
Schlüssel Gelöscht : HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Upt
Schlüssel Gelöscht : HKLM\SOFTWARE\winload
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\InetStat
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winload Toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Upt

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

*************************

AdwCleaner[R0].txt - [18431 octets] - [20/10/2014 10:29:20]
AdwCleaner[R1].txt - [21320 octets] - [20/10/2014 11:52:14]
AdwCleaner[S0].txt - [15991 octets] - [20/10/2014 11:57:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16052 octets] ##########


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:55 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19