godmoron

Member
  • Content Count

    5
  • Joined

  • Last visited

Posts posted by godmoron


  1. Hi Schrauber.

     

    Super danke für deine Hilfe. Beim letzten Emisoft Scan hat er keinen Virus mehr gefunden. Hat alles super geklappt. Angehängt noch der letzt Log Report.

     

    Danke nochmals

     

    Philipp

     

    Emsisoft Anti-Malware - Version 9.0
    Letztes Update: 22.09.2014 17:34:16
    Benutzerkonto: Philipp-PC\Philipp

    Scan Einstellungen:

    Scan Methode: Detail Scan
    Objekte: Rootkits, Speicher, Traces, C:\, Q:\

    PUPs-Erkennung: Aus
    Archiv Scan: An
    ADS Scan: An
    Dateitypen-Filter: Aus
    Erweitertes Caching: An
    Direkter Festplattenzugriff: Aus

    Scan Beginn: 26.09.2014 21:42:20

    Gescannt 730646
    Gefunden 0

    Scan Ende: 27.09.2014 02:38:39
    Scan Zeit: 4:56:19


  2. Hi Schrauber.

     

    Hier die 2 Reports:

     

    Emsisoft Anti-Malware - Version 9.0
    Letztes Update: 22.09.2014 17:34:16
    Benutzerkonto: Philipp-PC\Philipp

    Scan Einstellungen:

    Scan Methode: Detail Scan
    Objekte: Rootkits, Speicher, Traces, C:\, Q:\

    PUPs-Erkennung: Aus
    Archiv Scan: An
    ADS Scan: An
    Dateitypen-Filter: Aus
    Erweitertes Caching: An
    Direkter Festplattenzugriff: Aus

    Scan Beginn: 26.09.2014 07:10:07
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SEC  gefunden: Rogue.Win32.ExpertCleaner (A)

    Gescannt 733524
    Gefunden 1

    Scan Ende: 26.09.2014 11:37:45
    Scan Zeit: 4:27:38

     

     

     

    Und FRST

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2014
    Ran by Philipp (administrator) on PHILIPP-PC on 26-09-2014 07:08:41
    Running from C:\Users\Philipp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4X2VB0KP
    Loaded Profiles: Philipp & UpdatusUser (Available profiles: Philipp & UpdatusUser)
    Platform: Windows Vista Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)
    Internet Explorer Version 8
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
    (Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Farbar) C:\Users\Philipp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4X2VB0KP\FRST64[2].exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1001\...\Policies\Explorer: [DisallowRun] 1
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1001\...\MountPoints2: {d47d2f33-4669-11df-985f-00241dd35124} - E:\MENU.EXE
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1001\...\MountPoints2: {dfc5d081-1edc-11e3-8afa-806e6f6e6963} - E:\SETUP.EXE
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1001\...\MountPoints2: {dfc5d084-1edc-11e3-8afa-806e6f6e6963} - F:\KMDS.exe
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1002\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
    ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk
    ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (No File)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.alternate.net
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKCU - {89BDED6F-0931-4D38-ACEE-2601F55B1529} URL = http://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
    SearchScopes: HKCU - {8C1BCFB2-9234-4036-808A-80AC2861E63A} URL = http://www.google.de/search?q={searchTerms}
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
    DPF: HKLM-x32 {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\a0adobfk.default-1382330580154
    FF Homepage: www.google.com
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ ()
    FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Philipp\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
    FF Extension: Speed Test Analysis - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\a0adobfk.default-1382330580154\Extensions\[email protected] [2014-01-04]
    FF Extension: Adblock Plus - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\a0adobfk.default-1382330580154\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-21]
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-22]
    FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-21]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.com/
    CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Speed Test Analysis) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb [2013-12-26]
    CHR Extension: (Skype Click to Call) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-03-01]
    CHR Extension: (Securita Scout) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkilfadjoneaheacgmkahfgcjchkpad [2014-04-20]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4784144 2014-09-22] (Emsisoft GmbH)
    S3 LBTServ; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [160784 2009-07-20] (Logitech, Inc.)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
    R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-12-02] (Nero AG)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
    S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)
    R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
    R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
    S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-22] (Emsisoft GmbH)
    R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-05-18] (Emsisoft GmbH)
    R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-26] (Emsisoft GmbH)
    R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [54072 2006-12-09] (Samsung Electronics)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
    R3 RTL8192cu; C:\Windows\System32\DRIVERS\WNA1000M.sys [813160 2011-01-31] (Realtek Semiconductor Corporation                           )
    S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
    S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
    S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
    S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
    S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
    S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
    S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
    R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2010-12-25] (Sony Ericsson Mobile Communications)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-08-27] () [File not signed]
    U3 aq2bk04b; C:\Windows\System32\Drivers\aq2bk04b.sys [0 ] (Microsoft Corporation)
    S3 ALSysIO; \??\C:\Users\Philipp\AppData\Local\Temp\ALSysIO64.sys [X]
    S1 covwossh; \??\C:\Windows\system32\drivers\covwossh.sys [X]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-25 12:09 - 2014-09-25 12:09 - 00001432 _____ () C:\Users\Philipp\Desktop\AdwCleaner[s1].txt
    2014-09-25 09:36 - 2014-09-25 09:36 - 01373475 _____ () C:\Users\Philipp\Downloads\adwcleaner_3.310.exe
    2014-09-25 03:00 - 2014-09-09 08:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-09-25 03:00 - 2014-09-09 08:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-09-24 10:15 - 2014-09-24 10:15 - 00049781 _____ () C:\Users\Philipp\Desktop\Addition.txt
    2014-09-24 10:14 - 2014-09-24 10:14 - 00032745 _____ () C:\Users\Philipp\Desktop\FRST.txt
    2014-09-24 10:13 - 2014-09-26 07:08 - 00000000 ____D () C:\FRST
    2014-09-23 07:58 - 2014-09-23 07:58 - 00023030 _____ () C:\Users\Philipp\Desktop\Emisoft Report.txt
    2014-09-23 07:32 - 2014-09-23 07:32 - 00000000 ____D () C:\ProgramData\Emsisoft
    2014-09-22 17:40 - 2014-09-25 12:07 - 00001180 _____ () C:\Windows\PFRO.log
    2014-09-22 17:23 - 2014-09-22 17:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-22 17:22 - 2014-09-22 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-09-22 17:22 - 2014-09-22 17:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-22 17:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-09-22 17:22 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-09-22 08:09 - 2014-09-22 08:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-09-11 03:16 - 2014-08-19 05:17 - 01491968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-11 03:16 - 2014-08-19 05:17 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-11 03:16 - 2014-08-19 05:17 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-09-11 03:16 - 2014-08-19 05:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2014-09-11 03:16 - 2014-08-19 05:07 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
    2014-09-11 03:16 - 2014-08-19 05:03 - 09326592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-11 03:16 - 2014-08-19 05:03 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-11 03:16 - 2014-08-19 05:02 - 00742912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-11 03:16 - 2014-08-19 05:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-09-11 03:16 - 2014-08-19 04:58 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2014-09-11 03:16 - 2014-08-19 04:57 - 01538560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-11 03:16 - 2014-08-19 04:57 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-11 03:16 - 2014-08-19 04:57 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2014-09-11 03:16 - 2014-08-19 04:57 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-11 03:16 - 2014-08-19 04:57 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-11 03:16 - 2014-08-19 04:56 - 12473344 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-11 03:16 - 2014-08-19 04:56 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-11 03:16 - 2014-08-19 04:56 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-11 03:16 - 2014-08-19 04:56 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-09-11 03:16 - 2014-08-19 04:56 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-11 03:16 - 2014-08-19 04:55 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
    2014-09-11 03:16 - 2014-08-19 03:46 - 01214976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-09-11 03:16 - 2014-08-19 03:46 - 00916992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-09-11 03:16 - 2014-08-19 03:46 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2014-09-11 03:16 - 2014-08-19 03:44 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2014-09-11 03:16 - 2014-08-19 03:41 - 06003200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-09-11 03:16 - 2014-08-19 03:41 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
    2014-09-11 03:16 - 2014-08-19 03:41 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-09-11 03:16 - 2014-08-19 03:41 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-09-11 03:16 - 2014-08-19 03:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2014-09-11 03:16 - 2014-08-19 03:40 - 01469440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-09-11 03:16 - 2014-08-19 03:40 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2014-09-11 03:16 - 2014-08-19 03:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 11082752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 02005504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-09-11 03:16 - 2014-08-19 03:38 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
    2014-09-11 03:16 - 2014-08-19 03:36 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-09-11 03:16 - 2014-08-19 02:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-11 03:16 - 2014-08-19 02:15 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-11 03:16 - 2014-08-19 02:14 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-11 03:16 - 2014-08-19 02:14 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-09-11 03:16 - 2014-08-19 02:10 - 00385024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2014-09-11 03:16 - 2014-08-19 00:33 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
    2014-09-11 03:16 - 2014-08-19 00:33 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-09-11 03:16 - 2014-08-19 00:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2014-09-11 03:16 - 2014-08-19 00:30 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-09-06 08:25 - 2014-09-06 08:27 - 00000000 ____D () C:\Users\Philipp\Desktop\Pfauen
    2014-09-02 03:00 - 2014-08-23 03:05 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-09-02 03:00 - 2014-08-23 02:42 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-09-02 03:00 - 2014-08-23 01:38 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-26 06:38 - 2010-04-05 09:41 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-09-26 06:08 - 2006-11-02 17:22 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-26 06:08 - 2006-11-02 17:22 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-26 03:00 - 2012-08-10 10:45 - 01831603 _____ () C:\Windows\WindowsUpdate.log
    2014-09-25 19:39 - 2010-04-05 09:41 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-09-25 12:32 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache
    2014-09-25 12:14 - 2008-01-21 13:10 - 01577800 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-25 12:14 - 2008-01-21 13:09 - 00678024 _____ () C:\Windows\system32\perfh007.dat
    2014-09-25 12:14 - 2008-01-21 13:09 - 00147278 _____ () C:\Windows\system32\perfc007.dat
    2014-09-25 12:08 - 2012-07-21 15:05 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
    2014-09-25 12:08 - 2009-10-15 13:13 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-09-25 12:08 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-25 12:06 - 2006-11-02 17:42 - 00032512 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-09-25 12:05 - 2014-05-11 13:20 - 00000000 ____D () C:\AdwCleaner
    2014-09-22 17:42 - 2012-04-16 22:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-09-22 17:42 - 2011-05-15 21:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-09-22 17:40 - 2014-08-10 21:23 - 00000000 ____D () C:\Program Files\Recuva
    2014-09-22 17:23 - 2010-06-01 09:59 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Malwarebytes
    2014-09-22 17:22 - 2013-01-16 12:23 - 00000901 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-09-22 17:22 - 2010-06-01 09:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-09-22 17:12 - 2010-03-25 17:26 - 00000000 ____D () C:\Windows\SysWOW64\MAGIX
    2014-09-22 17:12 - 2010-03-25 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
    2014-09-22 17:12 - 2010-03-25 17:26 - 00000000 ____D () C:\Program Files (x86)\MAGIX
    2014-09-22 17:11 - 2010-03-17 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
    2014-09-22 17:11 - 2006-11-02 14:34 - 00000252 _____ () C:\Windows\system.ini
    2014-09-22 16:48 - 2010-03-17 17:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-09-22 12:25 - 2010-03-23 22:36 - 00002677 _____ () C:\Users\Philipp\Desktop\CorelDRAW X3.lnk
    2014-09-22 08:42 - 2010-03-17 02:36 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-09-11 10:31 - 2013-01-13 13:20 - 00000000 ____D () C:\Users\Philipp\Desktop\Pocoyo
    2014-09-11 10:08 - 2010-04-19 11:32 - 00000000 ____D () C:\Program Files (x86)\JDownloader
    2014-09-11 10:04 - 2010-07-30 20:54 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\vlc
    2014-09-11 09:58 - 2014-05-26 12:12 - 00000000 ___RD () C:\Users\Philipp\Dropbox
    2014-09-11 03:41 - 2014-05-26 12:09 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Dropbox
    2014-09-11 03:16 - 2009-10-15 12:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-09-11 03:15 - 2010-10-06 16:11 - 01553256 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2014-09-11 03:14 - 2014-05-11 11:17 - 00001912 _____ () C:\Windows\epplauncher.mif
    2014-09-11 03:14 - 2014-05-11 11:16 - 00001826 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2014-09-11 03:14 - 2014-05-11 11:16 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2014-09-11 03:13 - 2014-05-11 11:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2014-09-11 03:13 - 2013-10-24 14:40 - 00000000 ____D () C:\Windows\system32\MRT
    2014-09-11 03:02 - 2006-11-02 14:35 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2014-09-04 10:14 - 2010-03-17 07:41 - 00020992 _____ () C:\Users\Philipp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-09-02 03:18 - 2006-11-02 17:21 - 03159848 _____ () C:\Windows\system32\FNTCACHE.DAT

    Files to move or delete:
    ====================
    C:\Users\Philipp\FurMark_1.10.5_Setup.exe

    Some content of TEMP:
    ====================
    C:\Users\Philipp\AppData\Local\Temp\Quarantine.exe
    C:\Users\Philipp\AppData\Local\Temp\securitascoutgames_3.exe
    C:\Users\Philipp\AppData\Local\Temp\unwise.exe

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2014-09-26 00:45

    ==================== End Of Log ============================

     

     

    Danke Philipp


  3. Hi Schrauber.

     

    Danke für die genaue Anleitung. Hier die nächste Log Datei.

     

    LG Philipp

     

     

    # AdwCleaner v3.310 - Bericht erstellt am 25/09/2014 um 12:05:17
    # Aktualisiert 12/09/2014 von Xplode
    # Betriebssystem : Windows Vista Home Premium Service Pack 2 (64 bits)
    # Benutzername : Philipp - PHILIPP-PC
    # Gestartet von : C:\Users\Philipp\Downloads\adwcleaner_3.310.exe
    # Option : Löschen

    ***** [ Dienste ] *****

    ***** [ Dateien / Ordner ] *****

    [!] Ordner Gelöscht : C:\Users\Philipp\AppData\Roaming\Security System 2
    [!] Ordner Gelöscht : C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\a0adobfk.default-1382330580154\Extensions\[email protected]

    ***** [ Tasks ] *****

    ***** [ Verknüpfungen ] *****

    ***** [ Registrierungsdatenbank ] *****

    Schlüssel Gelöscht : HKCU\Software\OCS

    ***** [ Browser ] *****

    -\\ Internet Explorer v8.0.6001.19561

    -\\ Mozilla Firefox v32.0.2 (x86 de)

    [ Datei : C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\a0adobfk.default-1382330580154\prefs.js ]

    -\\ Google Chrome v

    [ Datei : C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    *************************

    AdwCleaner[R0].txt - [9843 octets] - [11/05/2014 13:26:10]
    AdwCleaner[R1].txt - [1463 octets] - [25/09/2014 09:36:50]
    AdwCleaner[s0].txt - [8394 octets] - [11/05/2014 20:06:44]
    AdwCleaner[s1].txt - [1292 octets] - [25/09/2014 12:05:17]

    ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1352 octets] ##########


  4. Hi Schrauber
     
    Danke für die Hilfe. Hier die 2 Log Files. Leider kann ich nichts anhängen daher poste ich's im Threat.

     

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
    Ran by Philipp (administrator) on PHILIPP-PC on 24-09-2014 10:13:11
    Running from C:\Users\Philipp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4X2VB0KP
    Platform: Windows Vista Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)
    Internet Explorer Version 8
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Microsoft Corporation) C:\Windows\System32\SLsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
    (Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
    (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
    (Farbar) C:\Users\Philipp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4X2VB0KP\FRST64[1].exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1001\...\Policies\Explorer: [DisallowRun] 1
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1001\...\MountPoints2: {d47d2f33-4669-11df-985f-00241dd35124} - E:\MENU.EXE
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1001\...\MountPoints2: {dfc5d081-1edc-11e3-8afa-806e6f6e6963} - E:\SETUP.EXE
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1001\...\MountPoints2: {dfc5d084-1edc-11e3-8afa-806e6f6e6963} - F:\KMDS.exe
    HKU\S-1-5-21-2723512163-2963705854-2571069048-1002\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
    ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk
    ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (No File)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.alternate.net
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    SearchScopes: HKLM-x32 - DefaultScope value is missing.
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
    SearchScopes: HKCU - {89BDED6F-0931-4D38-ACEE-2601F55B1529} URL = http://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
    SearchScopes: HKCU - {8C1BCFB2-9234-4036-808A-80AC2861E63A} URL = http://www.google.de/search?q={searchTerms}
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
    DPF: HKLM-x32 {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\a0adobfk.default-1382330580154
    FF Homepage: www.google.com
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ ()
    FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\Philipp\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll No File
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
    FF Extension: Securita Scout - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\a0adobfk.default-1382330580154\Extensions\[email protected] [2014-04-20]
    FF Extension: Speed Test Analysis - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\a0adobfk.default-1382330580154\Extensions\[email protected] [2014-01-04]
    FF Extension: Adblock Plus - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\a0adobfk.default-1382330580154\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-21]
    FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-22]
    FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-21]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.com/
    CHR Profile: C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Speed Test Analysis) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb [2013-12-26]
    CHR Extension: (Skype Click to Call) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-03-01]
    CHR Extension: (Securita Scout) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkilfadjoneaheacgmkahfgcjchkpad [2014-04-20]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4784144 2014-09-22] (Emsisoft GmbH)
    S3 LBTServ; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [160784 2009-07-20] (Logitech, Inc.)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
    R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-12-02] (Nero AG)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
    S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)
    R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
    R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
    S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-22] (Emsisoft GmbH)
    R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-05-18] (Emsisoft GmbH)
    R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-26] (Emsisoft GmbH)
    R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [54072 2006-12-09] (Samsung Electronics)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
    R3 RTL8192cu; C:\Windows\System32\DRIVERS\WNA1000M.sys [813160 2011-01-31] (Realtek Semiconductor Corporation                           )
    S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
    S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
    S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
    S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
    S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
    S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
    S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
    R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2010-12-25] (Sony Ericsson Mobile Communications)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-08-27] () [File not signed]
    U3 abccir4v; C:\Windows\System32\Drivers\abccir4v.sys [0 ] (Microsoft Corporation)
    S3 ALSysIO; \??\C:\Users\Philipp\AppData\Local\Temp\ALSysIO64.sys [X]
    S1 covwossh; \??\C:\Windows\system32\drivers\covwossh.sys [X]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-24 10:13 - 2014-09-24 10:13 - 00000000 ____D () C:\FRST
    2014-09-23 07:58 - 2014-09-23 07:58 - 00023030 _____ () C:\Users\Philipp\Desktop\Emisoft Report.txt
    2014-09-23 07:32 - 2014-09-23 07:32 - 00000000 ____D () C:\ProgramData\Emsisoft
    2014-09-22 17:40 - 2014-09-22 17:40 - 00000870 _____ () C:\Windows\PFRO.log
    2014-09-22 17:23 - 2014-09-22 17:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-22 17:22 - 2014-09-22 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-09-22 17:22 - 2014-09-22 17:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-22 17:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-09-22 17:22 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-09-22 08:09 - 2014-09-22 08:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-09-11 03:16 - 2014-08-19 05:17 - 01491968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-11 03:16 - 2014-08-19 05:17 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-11 03:16 - 2014-08-19 05:17 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-09-11 03:16 - 2014-08-19 05:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2014-09-11 03:16 - 2014-08-19 05:07 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
    2014-09-11 03:16 - 2014-08-19 05:03 - 09326592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-11 03:16 - 2014-08-19 05:03 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-11 03:16 - 2014-08-19 05:02 - 00742912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-11 03:16 - 2014-08-19 05:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-09-11 03:16 - 2014-08-19 04:58 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2014-09-11 03:16 - 2014-08-19 04:57 - 01538560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-11 03:16 - 2014-08-19 04:57 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-11 03:16 - 2014-08-19 04:57 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2014-09-11 03:16 - 2014-08-19 04:57 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-11 03:16 - 2014-08-19 04:57 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-11 03:16 - 2014-08-19 04:56 - 12473344 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-11 03:16 - 2014-08-19 04:56 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-11 03:16 - 2014-08-19 04:56 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-11 03:16 - 2014-08-19 04:56 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2014-09-11 03:16 - 2014-08-19 04:56 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-11 03:16 - 2014-08-19 04:55 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
    2014-09-11 03:16 - 2014-08-19 03:46 - 01214976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-09-11 03:16 - 2014-08-19 03:46 - 00916992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-09-11 03:16 - 2014-08-19 03:46 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2014-09-11 03:16 - 2014-08-19 03:44 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2014-09-11 03:16 - 2014-08-19 03:41 - 06003200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-09-11 03:16 - 2014-08-19 03:41 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
    2014-09-11 03:16 - 2014-08-19 03:41 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-09-11 03:16 - 2014-08-19 03:41 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-09-11 03:16 - 2014-08-19 03:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2014-09-11 03:16 - 2014-08-19 03:40 - 01469440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-09-11 03:16 - 2014-08-19 03:40 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2014-09-11 03:16 - 2014-08-19 03:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 11082752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 02005504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-09-11 03:16 - 2014-08-19 03:39 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-09-11 03:16 - 2014-08-19 03:38 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
    2014-09-11 03:16 - 2014-08-19 03:36 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2014-09-11 03:16 - 2014-08-19 02:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-11 03:16 - 2014-08-19 02:15 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-11 03:16 - 2014-08-19 02:14 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-11 03:16 - 2014-08-19 02:14 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-09-11 03:16 - 2014-08-19 02:10 - 00385024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2014-09-11 03:16 - 2014-08-19 00:33 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
    2014-09-11 03:16 - 2014-08-19 00:33 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-09-11 03:16 - 2014-08-19 00:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2014-09-11 03:16 - 2014-08-19 00:30 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-09-06 08:25 - 2014-09-06 08:27 - 00000000 ____D () C:\Users\Philipp\Desktop\Pfauen
    2014-09-02 03:00 - 2014-08-23 03:05 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-09-02 03:00 - 2014-08-23 02:42 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-09-02 03:00 - 2014-08-23 01:38 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-24 10:13 - 2014-09-24 10:13 - 00000000 ____D () C:\FRST
    2014-09-24 10:11 - 2006-11-02 17:22 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-24 10:11 - 2006-11-02 17:22 - 00003664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-24 09:39 - 2010-04-05 09:41 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-09-24 07:55 - 2012-08-10 10:45 - 01768471 _____ () C:\Windows\WindowsUpdate.log
    2014-09-23 19:39 - 2010-04-05 09:41 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-09-23 07:58 - 2014-09-23 07:58 - 00023030 _____ () C:\Users\Philipp\Desktop\Emisoft Report.txt
    2014-09-23 07:32 - 2014-09-23 07:32 - 00000000 ____D () C:\ProgramData\Emsisoft
    2014-09-23 07:32 - 2012-07-21 15:05 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
    2014-09-22 17:47 - 2008-01-21 13:10 - 01577800 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-22 17:47 - 2008-01-21 13:09 - 00678024 _____ () C:\Windows\system32\perfh007.dat
    2014-09-22 17:47 - 2008-01-21 13:09 - 00147278 _____ () C:\Windows\system32\perfc007.dat
    2014-09-22 17:44 - 2014-09-22 17:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-22 17:42 - 2012-04-16 22:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-09-22 17:42 - 2011-05-15 21:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-09-22 17:40 - 2014-09-22 17:40 - 00000870 _____ () C:\Windows\PFRO.log
    2014-09-22 17:40 - 2014-08-10 21:23 - 00000000 ____D () C:\Program Files\Recuva
    2014-09-22 17:40 - 2009-10-15 13:13 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-09-22 17:40 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-22 17:38 - 2006-11-02 17:42 - 00032512 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-09-22 17:35 - 2014-04-20 18:19 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Security System 2
    2014-09-22 17:23 - 2010-06-01 09:59 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Malwarebytes
    2014-09-22 17:22 - 2014-09-22 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-09-22 17:22 - 2014-09-22 17:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-22 17:22 - 2013-01-16 12:23 - 00000901 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-09-22 17:22 - 2010-06-01 09:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-09-22 17:12 - 2010-03-25 17:26 - 00000000 ____D () C:\Windows\SysWOW64\MAGIX
    2014-09-22 17:12 - 2010-03-25 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
    2014-09-22 17:12 - 2010-03-25 17:26 - 00000000 ____D () C:\Program Files (x86)\MAGIX
    2014-09-22 17:11 - 2010-03-17 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
    2014-09-22 17:11 - 2006-11-02 14:34 - 00000252 _____ () C:\Windows\system.ini
    2014-09-22 16:48 - 2010-03-17 17:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-09-22 12:25 - 2010-03-23 22:36 - 00002677 _____ () C:\Users\Philipp\Desktop\CorelDRAW X3.lnk
    2014-09-22 08:42 - 2010-03-17 02:36 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-09-22 08:09 - 2014-09-22 08:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-09-11 10:31 - 2013-01-13 13:20 - 00000000 ____D () C:\Users\Philipp\Desktop\Pocoyo
    2014-09-11 10:08 - 2010-04-19 11:32 - 00000000 ____D () C:\Program Files (x86)\JDownloader
    2014-09-11 10:04 - 2010-07-30 20:54 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\vlc
    2014-09-11 09:58 - 2014-05-26 12:12 - 00000000 ___RD () C:\Users\Philipp\Dropbox
    2014-09-11 03:41 - 2014-05-26 12:09 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Dropbox
    2014-09-11 03:16 - 2009-10-15 12:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-09-11 03:15 - 2010-10-06 16:11 - 01553256 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2014-09-11 03:14 - 2014-05-11 11:17 - 00001912 _____ () C:\Windows\epplauncher.mif
    2014-09-11 03:14 - 2014-05-11 11:16 - 00001826 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2014-09-11 03:14 - 2014-05-11 11:16 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2014-09-11 03:13 - 2014-05-11 11:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2014-09-11 03:13 - 2013-10-24 14:40 - 00000000 ____D () C:\Windows\system32\MRT
    2014-09-11 03:02 - 2006-11-02 14:35 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2014-09-06 08:27 - 2014-09-06 08:25 - 00000000 ____D () C:\Users\Philipp\Desktop\Pfauen
    2014-09-04 10:14 - 2010-03-17 07:41 - 00020992 _____ () C:\Users\Philipp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2014-09-02 03:18 - 2006-11-02 17:21 - 03159848 _____ () C:\Windows\system32\FNTCACHE.DAT

    Files to move or delete:
    ====================
    C:\Users\Philipp\FurMark_1.10.5_Setup.exe

    Some content of TEMP:
    ====================
    C:\Users\Philipp\AppData\Local\Temp\securitascoutgames_3.exe
    C:\Users\Philipp\AppData\Local\Temp\unwise.exe

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2014-09-24 07:37

    ==================== End Of Log ============================

     

     

    Und hier die zweite Datei:

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2014
    Ran by Philipp at 2014-09-24 10:13:55
    Running from C:\Users\Philipp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4X2VB0KP
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
    AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    ACDSee Pro 3 (HKLM-x32\...\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.386 - ACD Systems International Inc.)
    Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.5.4 - Adobe Systems) Hidden
    Adobe Acrobat 9.5.4 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_954) (Version:  - Adobe Systems Incorporated)
    Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
    Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
    Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_71bc85719badc9942e1198866ee2cbc) (Version: 4.0 - Adobe Systems Incorporated)
    Adobe Creative Suite 4 Master Collection (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
    Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Encore CS4 Codecs (x32 Version: 4 - Adobe Systems Incorporated) Hidden
    Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
    Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Flash CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    Adobe Flash CS4 Extension - Flash Lite STI others (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
    Adobe Flash CS4 Professional (HKLM-x32\...\Adobe_a68eec966ce913ddaa63251dc82ed31) (Version: 10.0 - Adobe Systems Incorporated)
    Adobe Flash CS4 STI-other (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.278 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Illustrator CS4 (x32 Version: 14.0 - Adobe Systems Incorporated) Hidden
    Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
    Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
    Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
    Adobe Reader X (10.1.4) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
    Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
    Adobe Soundbooth CS4 Codecs (x32 Version: 2 - Adobe Systems Incorporated) Hidden
    Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
    Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
    Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
    Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
    Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    ArchiCAD 13 AUT (HKLM\...\001FFF2FFF13FF00FF0901F00F02F000-R1) (Version:  - )
    Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
    CCleaner (HKLM\...\CCleaner) (Version: 3.04 - Piriform)
    CDDRV_Installer (Version: 4.60 - Logitech) Hidden
    Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
    CorelDRAW Graphics Suite X3 (HKLM-x32\...\_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version:  - Corel Corporation)
    CorelDRAW Graphics Suite X3 (x32 Version: 13.2 - Corel Corporation) Hidden
    DE (x32 Version: 13.0 - Corel Corporation) Hidden
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
    Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
    Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.6 - Emsisoft GmbH)
    FontNav (x32 Version: 5.0 - Corel Corporation) Hidden
    Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Java 2 Runtime Environment, SE v1.4.2 (HKLM-x32\...\{7148F0A8-6813-11D6-A77B-00B0D0142000}) (Version: 1.4.2 - Sun Microsystems, Inc.)
    Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
    Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
    Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    Java 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
    JDownloader (HKLM-x32\...\JDownloader) (Version: 0.89 - AppWork UG (haftungsbeschränkt))
    KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
    kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
    Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
    MAGIX Web Designer 6 Content (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
    MAGIX Web Designer 6 Download-Version (HKLM-x32\...\MAGIX_MSI_Web_Designer_6) (Version: 6.0.1.12379 - MAGIX AG)
    MAGIX Web Designer 6 Download-Version (x32 Version: 6.0.1.12379 - MAGIX AG) Hidden
    MAGIX Web Designer 7 Premium Content Pack (x32 Version: 1.0.0.0 - MAGIX AG) Hidden
    MAGIX Web Designer 7 Premium Download-Version (HKLM-x32\...\MAGIX_MSI_Web_Designer_7_Premium) (Version: 7.0.4.16646 - MAGIX AG)
    MAGIX Web Designer 7 Premium Download-Version (x32 Version: 7.0.4.16646 - MAGIX AG) Hidden
    MAGIX Web Designer MX Premium (HKLM-x32\...\MAGIX_{739FE2DC-0C7E-4A1C-AC6E-46348169E27E}) (Version: 8.0.2.21761 - MAGIX AG)
    MAGIX Web Designer MX Premium (Version: 8.0.2.21761 - MAGIX AG) Hidden
    MAGIX Web Designer MX Premium Content Pack (Version: 1.1.0.0 - MAGIX AG) Hidden
    Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 32.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla)
    MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
    Nero 8 (HKLM-x32\...\{1CA7ACD6-B21B-4240-AA05-4FC55F6E1031}) (Version: 8.3.465 - Nero AG)
    neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
    NETGEAR WNA1000M Wireless USB 2.0 Adapter (x32 Version: 1.01.10 - NETGEAR) Hidden
    NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
    NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
    NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
    NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
    NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
    NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
    NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
    OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
    OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
    PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
    Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
    Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
    Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    QuickTime (HKLM-x32\...\{5B09BD67-4C99-46A1-8161-B7208CE18121}) (Version: 7.3.0.70 - Apple Inc.)
    Samsung CLP-300 Series (HKLM-x32\...\Samsung CLP-300 Series) (Version:  - Samsung Electronics CO.,LTD)
    Schachermayer Warenkorb 2.6a (HKLM-x32\...\ST6UNST #1) (Version:  - )
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
    Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    SOAP3 and XML4 (x32 Version: 1.0.0 - Xara - Microsoft) Hidden
    Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
    Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
    Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
    Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
    Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
    Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
    Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
    Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
    Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
    VBA (x32 Version: 6.2 - Corel Corporation) Hidden
    VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
    VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
    Windows 7 Upgrade Advisor (HKLM-x32\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
    WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
    Xara Designer Pro 6 (HKLM-x32\...\MAGIX_MSI_XtremePro6) (Version: 6.1.1.13205 - Xara Group Ltd)
    Xara Designer Pro 6 (x32 Version: 6.1.1.13205 - Xara Group Ltd) Hidden
    Xara Designer Pro 6 Content Pack (x32 Version: 1.0.0.0 - Xara Group Ltd) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2723512163-2963705854-2571069048-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files (x86)\MAGIX\Web Designer MX Premium\WebDesigner.exe (Xara Group Ltd.)
    CustomCLSID: HKU\S-1-5-21-2723512163-2963705854-2571069048-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2723512163-2963705854-2571069048-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2723512163-2963705854-2571069048-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2723512163-2963705854-2571069048-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2723512163-2963705854-2571069048-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2723512163-2963705854-2571069048-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2723512163-2963705854-2571069048-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2723512163-2963705854-2571069048-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2723512163-2963705854-2571069048-1002_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files (x86)\Xara\Xara_Designer_Pro_6\DesignerPro.exe (Xara Group Ltd.)
    CustomCLSID: HKU\S-1-5-21-2723512163-2963705854-2571069048-1002_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files (x86)\MAGIX\Web Designer 7 Premium Download-Version\WebDesigner.exe (Xara Group Ltd.)

    ==================== Restore Points  =========================

    04-09-2014 16:56:02 Geplanter Prüfpunkt
    05-09-2014 15:36:28 Windows Update
    06-09-2014 22:00:01 Geplanter Prüfpunkt
    07-09-2014 22:00:01 Geplanter Prüfpunkt
    08-09-2014 22:00:01 Geplanter Prüfpunkt
    09-09-2014 15:35:55 Windows Update
    10-09-2014 22:00:02 Geplanter Prüfpunkt
    11-09-2014 01:00:14 Windows Update
    11-09-2014 22:00:01 Geplanter Prüfpunkt
    12-09-2014 22:00:01 Geplanter Prüfpunkt
    13-09-2014 22:00:01 Geplanter Prüfpunkt
    14-09-2014 01:52:04 Windows Update
    14-09-2014 22:00:01 Geplanter Prüfpunkt
    15-09-2014 22:00:01 Geplanter Prüfpunkt
    16-09-2014 22:00:01 Geplanter Prüfpunkt
    17-09-2014 22:00:02 Geplanter Prüfpunkt
    18-09-2014 01:50:15 Windows Update
    18-09-2014 22:00:01 Geplanter Prüfpunkt
    19-09-2014 22:00:01 Geplanter Prüfpunkt
    20-09-2014 22:00:01 Geplanter Prüfpunkt
    21-09-2014 22:00:01 Geplanter Prüfpunkt
    22-09-2014 01:50:03 Windows Update
    22-09-2014 14:47:40 Entfernt CrazyTalk
    23-09-2014 08:03:40 Geplanter Prüfpunkt
    23-09-2014 22:00:01 Geplanter Prüfpunkt

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-11-02 14:34 - 2010-05-31 23:49 - 00000789 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    127.0.0.1 activate.adobe.com

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
    Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
    Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
    Task: {2D3E4534-6321-41A1-88B9-DEE4E947F6C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-05] (Google Inc.)
    Task: {3DF66163-E492-4A72-9E01-D5ADB11CD154} - \{8C3FDD81-7AE0-4605-A46A-2488B179F2A3} No Task File <==== ATTENTION
    Task: {43411E3C-B875-43B3-AE8C-E8EC96B3EFA2} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
    Task: {4E946E6C-49EC-4FD9-8F58-EB5AF1752C5D} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
    Task: {4EC2D1B8-71EC-4C49-AADB-D7EFDDA382FE} - System32\Tasks\SpottyFiles Update => C:\Program Files (x86)\SpottyFiles\SpottyFilesUpdater.exe
    Task: {608AFA0B-B0BA-406E-89A1-E14EC0E2AD15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-05] (Google Inc.)
    Task: {60F7DC69-EE59-431E-BE62-A08532B3D805} - \SaveSense No Task File <==== ATTENTION
    Task: {7B9C5631-FFC1-47C1-BC9B-99256234D4C7} - \EPUpdater No Task File <==== ATTENTION
    Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
    Task: {A4DAE6F8-64C5-40EC-B0F5-94F5012978DF} - System32\Tasks\{C4055F77-6FC2-49CB-BB8C-6BC61B18556A} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
    Task: {E205DB9B-9CD5-4F5E-A6E4-1EA83E1E47F6} - System32\Tasks\Advanced System Optimizer => C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe
    Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2006-12-09 04:55 - 2006-12-09 04:55 - 00022016 _____ () C:\Windows\System32\sugg1l6.dll
    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-08-26 21:24 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
    2010-03-19 19:21 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    2014-09-22 17:32 - 2014-09-22 17:32 - 00751680 _____ () C:\Program Files (x86)\Emsisoft Anti-Malware\fw32.dll
    2014-09-22 08:09 - 2014-09-22 08:09 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2014-09-22 17:42 - 2014-09-22 17:42 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
    MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    MSCONFIG\startupreg: BrMfcWnd => "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN
    MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
    MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
    MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
    MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    MSCONFIG\startupreg: V0330Mon.exe => C:\Windows\V0330Mon.exe
    MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/23/2014 07:35:22 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Eintrag <C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

    Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

    Error: (09/23/2014 07:35:22 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Eintrag <C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

    Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

    Error: (09/23/2014 07:34:49 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Eintrag <C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

    Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

    Error: (09/23/2014 07:34:49 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Eintrag <C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

    Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

    Error: (09/23/2014 07:34:29 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Eintrag <C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.

    Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

    Error: (09/23/2014 07:34:20 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Eintrag <C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.

    Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

    Error: (09/23/2014 07:34:14 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Eintrag <C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

    Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

    Error: (09/23/2014 07:34:14 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Eintrag <C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

    Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

    Error: (09/23/2014 07:33:58 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Eintrag <C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

    Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

    Error: (09/23/2014 07:33:58 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Eintrag <C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.

    Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

    System errors:
    =============
    Error: (09/23/2014 05:55:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
    Description: 0x80070643Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.185.933.0){CEBC8411-9A33-4E04-9113-7BA1A77782A9}201

    Error: (09/23/2014 05:55:01 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

     Neue Signaturversion:

     Vorherige Signaturversion: 1.185.761.0

     Aktualisierungsquelle: %NT-AUTORITÄT59

     Aktualisierungsphase: 4.6.0305.00

     Quellpfad: 4.6.0305.01

     Signaturtyp: %NT-AUTORITÄT602

     Aktualisierungstyp: %NT-AUTORITÄT604

     Benutzer: NT-AUTORITÄT\SYSTEM

     Aktuelle Modulversion: %NT-AUTORITÄT605

     Vorherige Modulversion: %NT-AUTORITÄT606

     Fehlercode: %NT-AUTORITÄT607

     Fehlerbeschreibung: %NT-AUTORITÄT608

    Error: (09/22/2014 05:50:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Windows Update

    Error: (09/22/2014 05:41:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
    Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

    Error: (09/22/2014 05:41:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: i8042prt

    Error: (09/22/2014 05:38:08 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
    Description: Microsoft Antimalware Service

    Error: (09/22/2014 05:37:33 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

     Neue Signaturversion:

     Vorherige Signaturversion: 1.185.761.0

     Aktualisierungsquelle: %NT-AUTORITÄT59

     Aktualisierungsphase: 4.6.0305.00

     Quellpfad: 4.6.0305.01

     Signaturtyp: %NT-AUTORITÄT602

     Aktualisierungstyp: %NT-AUTORITÄT604

     Benutzer: NT-AUTORITÄT\SYSTEM

     Aktuelle Modulversion: %NT-AUTORITÄT605

     Vorherige Modulversion: %NT-AUTORITÄT606

     Fehlercode: %NT-AUTORITÄT607

     Fehlerbeschreibung: %NT-AUTORITÄT608

    Error: (09/11/2014 03:48:47 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Windows Update

    Error: (09/11/2014 03:40:13 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
    Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

    Error: (09/11/2014 03:39:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: i8042prt

    Microsoft Office Sessions:
    =========================
    Error: (09/23/2014 07:35:22 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
    C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING

    Error: (09/23/2014 07:35:22 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
    C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING

    Error: (09/23/2014 07:34:49 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
    C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING

    Error: (09/23/2014 07:34:49 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
    C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING

    Error: (09/23/2014 07:34:29 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
    C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING-BACKUP

    Error: (09/23/2014 07:34:20 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
    C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING-BACKUP

    Error: (09/23/2014 07:34:14 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
    C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING

    Error: (09/23/2014 07:34:14 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
    C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING

    Error: (09/23/2014 07:33:58 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
    C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING

    Error: (09/23/2014 07:33:58 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: Kontext:  Anwendung, SystemIndex Katalog

    Details:
     Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
    C:\USERS\PHILIPP\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A0ADOBFK.DEFAULT-1382330580154\SAFEBROWSING

    CodeIntegrity Errors:
    ===================================
      Date: 2014-09-24 10:13:51.522
      Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

      Date: 2014-09-24 10:13:51.414
      Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

      Date: 2014-09-24 10:13:51.304
      Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

      Date: 2014-09-24 10:13:51.188
      Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

      Date: 2014-09-24 10:13:50.968
      Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

      Date: 2014-09-24 10:13:50.858
      Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

      Date: 2014-09-24 10:13:50.751
      Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

      Date: 2014-09-24 10:13:50.630
      Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

      Date: 2014-09-22 18:12:54.042
      Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

      Date: 2014-09-22 18:12:53.907
      Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

    ==================== Memory info ===========================

    Processor: Intel® Core i5 CPU 750 @ 2.67GHz
    Percentage of memory in use: 82%
    Total physical RAM: 6134.57 MB
    Available physical RAM: 1073.91 MB
    Total Pagefile: 12412.65 MB
    Available Pagefile: 6835.45 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.81 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:931.51 GB) (Free:119.25 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive e: (SCH2014-2) (CDROM) (Total:4.07 GB) (Free:0 GB) CDFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 7C687C6C)
    Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================

     

     

     

    Danke nochmals Philipp


  5. Hallo

     

    Da ich im Internet nichts über den oben genannten Virus finden kann, und Emisoft die einzige Software ist die diesen Virus anzeigt dacht ich ich frage einfach mal hier im Forum nach. Es gibt anscheinend mehrere dieser Rouge.Win32....... Viren aber diesen "Expert Cleaner" habe ich noch nirgends gefunden. Kann mir jemand helfen diesen zu entfernen. Leider bin ich kein Experte und kann nur die Log File vom letzten Scan mit Emisoft anhängen:

     

    Emsisoft Anti-Malware - Version 9.0
    Letztes Update: 22.09.2014 17:34:16
    Benutzerkonto: Philipp-PC\Philipp

    Scan Einstellungen:

    Scan Methode: Detail Scan
    Objekte: Rootkits, Speicher, Traces, C:\, Q:\

    PUPs-Erkennung: Aus
    Archiv Scan: An
    ADS Scan: An
    Dateitypen-Filter: Aus
    Erweitertes Caching: An
    Direkter Festplattenzugriff: Aus

    Scan Beginn: 22.09.2014 17:45:18
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}  gefunden: Application.InstallTool (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{19975B78-1907-4DD6-A437-4C48120F46A4}  gefunden: Application.InstallExt (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{562B9317-C08A-444A-9482-62080DD851AE}  gefunden: Application.InstallTool (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A1440EC3-F0FA-407A-B811-DE6668C06D29}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C815E3DA-0823-49B0-9270-D1771D58B317}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E4A994B0-5550-4680-A4C6-B9470B888069}  gefunden: Application.InstallNews (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}  gefunden: Application.InstallNews (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F9EB11AB-9384-4736-9B33-993940F88895}  gefunden: Application.InstallNews (A)
    C:\Users\Philipp\AppData\Roaming\dvdvideosoftiehelpers  gefunden: Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\dvdvideosoftiehelpers  gefunden: Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\getrighttogo  gefunden: Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\getrighttogo  gefunden: Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\systweak  gefunden: Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\systweak  gefunden: Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\thinstall  gefunden: Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\thinstall  gefunden: Application.AppInstall (A)
    C:\ProgramData\babylon  gefunden: Application.AppInstall (A)
    C:\ProgramData\systweak  gefunden: Application.AppInstall (A)
    C:\ProgramData\trymedia  gefunden: Application.AppInstall (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\MOVIE2KDOWNLOADER  gefunden: Application.AdReg (A)
    Key: HKEY_USERS\S-1-5-21-2723512163-2963705854-2571069048-1001\SOFTWARE\BABSOLUTION  gefunden: Application.InstallAd (A)
    Key: HKEY_USERS\S-1-5-21-2723512163-2963705854-2571069048-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION  gefunden: Application.InstallAd (A)
    Key: HKEY_USERS\S-1-5-21-2723512163-2963705854-2571069048-1001\SOFTWARE\SOFTONIC  gefunden: Application.InstallAd (A)
    Key: HKEY_USERS\S-1-5-21-2723512163-2963705854-2571069048-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC  gefunden: Application.InstallAd (A)
    C:\Users\Philipp\AppData\Roaming\BabSolution  gefunden: Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\BabSolution  gefunden: Application.AppInstall (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SEC  gefunden: Rogue.Win32.ExpertCleaner (A)
    Key: HKEY_USERS\S-1-5-21-2723512163-2963705854-2571069048-1001\SOFTWARE\YAHOOPARTNERTOOLBAR  gefunden: Application.Win32.YTool (A)
    Key: HKEY_USERS\S-1-5-21-2723512163-2963705854-2571069048-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\YAHOOPARTNERTOOLBAR  gefunden: Application.Win32.YTool (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{09C554C3-109B-483C-A06B-F14172F1A947}  gefunden: Application.InstallDeal (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}  gefunden: Application.InstallTool (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}  gefunden: Application.InstallTool (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}  gefunden: Application.InstallTool (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\ESCORT.DLL  gefunden: Application.Win32.WSearch (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\ESCORTAPP.DLL  gefunden: Application.Win32.WSearch (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\ESCORTENG.DLL  gefunden: Application.Win32.WSearch (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\ESCORTLBR.DLL  gefunden: Application.Win32.WSearch (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\ESRV.EXE  gefunden: Application.Win32.WSearch (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\B  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\PROD.CAP  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}  gefunden: Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}  gefunden: Application.AdReg (A)

    Gescannt 736699
    Gefunden 51

    Scan Ende: 23.09.2014 07:32:01
    Scan Zeit: 13:46:43

    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\PROD.CAP Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\B Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\ESRV.EXE Quarantäne Application.Win32.WSearch (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\ESCORTLBR.DLL Quarantäne Application.Win32.WSearch (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\ESCORTENG.DLL Quarantäne Application.Win32.WSearch (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\ESCORTAPP.DLL Quarantäne Application.Win32.WSearch (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\ESCORT.DLL Quarantäne Application.Win32.WSearch (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Quarantäne Application.InstallTool (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Quarantäne Application.InstallTool (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Quarantäne Application.InstallTool (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{09C554C3-109B-483C-A06B-F14172F1A947} Quarantäne Application.InstallDeal (A)
    Key: HKEY_USERS\S-1-5-21-2723512163-2963705854-2571069048-1001\SOFTWARE\YAHOOPARTNERTOOLBAR Quarantäne Application.Win32.YTool (A)
    C:\Users\Philipp\AppData\Roaming\BabSolution Quarantäne Application.AppInstall (A)
    Key: HKEY_USERS\S-1-5-21-2723512163-2963705854-2571069048-1001\SOFTWARE\SOFTONIC Quarantäne Application.InstallAd (A)
    Key: HKEY_USERS\S-1-5-21-2723512163-2963705854-2571069048-1001\SOFTWARE\BABSOLUTION Quarantäne Application.InstallAd (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\MOVIE2KDOWNLOADER Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Quarantäne Application.AdReg (A)
    C:\ProgramData\trymedia Quarantäne Application.AppInstall (A)
    C:\ProgramData\systweak Quarantäne Application.AppInstall (A)
    C:\ProgramData\babylon Quarantäne Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\thinstall Quarantäne Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\systweak Quarantäne Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\getrighttogo Quarantäne Application.AppInstall (A)
    C:\Users\Philipp\AppData\Roaming\dvdvideosoftiehelpers Quarantäne Application.AppInstall (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F9EB11AB-9384-4736-9B33-993940F88895} Quarantäne Application.InstallNews (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA} Quarantäne Application.InstallNews (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E4A994B0-5550-4680-A4C6-B9470B888069} Quarantäne Application.InstallNews (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C815E3DA-0823-49B0-9270-D1771D58B317} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A1440EC3-F0FA-407A-B811-DE6668C06D29} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Quarantäne Application.AdReg (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{562B9317-C08A-444A-9482-62080DD851AE} Quarantäne Application.InstallTool (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{19975B78-1907-4DD6-A437-4C48120F46A4} Quarantäne Application.InstallExt (A)
    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983} Quarantäne Application.InstallTool (A)

    Quarantäne 42

    Gelöscht 0

     

     

    Ich verwende MS Security Essentials und die Windows Firewall und als OS habe ich Vista home Premium.

     

    Ich würde mich über einen Lösungsweg freuen.....Danke

     

    Philipp