Verseuchter Laptop?

#0
23.08.2015, 22:10
Member

Beiträge: 56
#1 Hallo und schon mal vielen Dank,

Also, seit rund 2 Wochen erscheint so eine Fehlermeldung mit update.exe, dass das nicht ausgeführt werden kann, obwohl ich nichts auswähle. Dann erschien schon 3x beim Runterfahren so ein blauer Bildschirm und der Laptop hat sich aufgehängt. Ich habe sowieso das Gefühl, dass er verseucht ist, weil er langsamer ist als früher und ich ihn länger nicht "gereinigt" habe. Habe aber noch kein AntiVir gemacht.
Hier die OTL-File:

OTL logfile created on: 23.08.2015 21:42:30 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\marc\Downloads\alte downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000407 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy

3,80 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 51,07% Memory free
7,60 Gb Paging File | 4,68 Gb Available in Paging File | 61,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 280,99 Gb Total Space | 20,57 Gb Free Space | 7,32% Space Free | Partition Type: NTFS
Drive D: | 16,81 Gb Total Space | 2,43 Gb Free Space | 14,46% Space Free | Partition Type: NTFS
Drive E: | 99,34 Mb Total Space | 89,32 Mb Free Space | 89,92% Space Free | Partition Type: FAT32

Computer Name: MR_MOJITO | User Name: marc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\marc\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe ()
PRC - C:\Users\marc\Downloads\alte downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2native.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\dda205128364510499bff84e347d0d28\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\d20cf89ac216e2348b1067752960e758\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8115eb34e0d122591c2a9595cfff225e\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ad9feb3143717fe0e0a50f792718bbed\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5023210ae4242a319712718fc6a23848\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\d2acb5226fa8916ef6417139a742a09d\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\432b41d4311091908117abe08d5ccdcb\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\7ab3e68c2e523f60bfc4f222cbd1c1d0\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\38d6578b4fe29bede85ffff08e3697b6\PresentationFramework-SystemXml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\9370714a38ae2805434296b26a9f5b14\PresentationFramework-SystemXmlLinq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\4df6733efc348c009a4a6e0adccc42a6\PresentationFramework-SystemData.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\5e84979fadb7eb63caedea9f4acefcc9\System.Data.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\5d2c01ae1ca8c40ed74cdfd7b7b7dcb1\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\cc7bb025e7cca401787cec5893c2cb67\System.ComponentModel.Composition.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll ()
MOD - C:\Users\marc\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (CGVPNCliService) -- C:\Program Files\CyberGhost 5\Service.exe (CyberGhost S.R.L)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Avira.ServiceHost) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (HPWMISVC) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (avnetflt) -- C:\Windows\SysNative\drivers\avnetflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (Visicom Media Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv.sys (Visicom Media Inc.)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (Apowersoft_AudioDevice) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (VCam_WDM) -- C:\Windows\SysNative\drivers\VCam_WDM.sys (e2eSoft)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/12
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: calendar-timezones@mozilla.org:0.1.2008d
FF - prefs.js..extensions.enabledItems: default-palette@celtx.com:1.0
FF - prefs.js..extensions.enabledItems: emoticons-msn-smileys@m513901.de:0.1
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.0
FF - prefs.js..extensions.enabledItems: messagestyle-blackened@addons.instantbird.org:0.9
FF - prefs.js..extensions.enabledItems: messagestyle-depth@addons.instantbird.org:1.1
FF - prefs.js..extensions.enabledItems: messagestyle-minimal20@addons.instantbird.org:1.5

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.51.2: C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2: C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.51.2: C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2: C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\marc\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015.08.17 10:23:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 40.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 40.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015.08.17 10:23:47 | 000,000,000 | ---D | M]

[2013.05.02 13:31:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marc\AppData\Roaming\mozilla\Extensions
[2012.01.17 17:27:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marc\AppData\Roaming\mozilla\Extensions\celtx@celtx.com
[2015.08.22 10:17:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marc\AppData\Roaming\mozilla\Firefox\Profiles\ddvqdywh.default\extensions
[2015.08.13 12:01:46 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\marc\AppData\Roaming\mozilla\Firefox\Profiles\ddvqdywh.default\extensions\abs@avira.com
[2013.01.03 14:57:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marc\AppData\Roaming\mozilla\Firefox\Profiles\jh8lz2zq.default\extensions
[2015.08.07 21:11:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2015.08.07 21:11:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2015.08.07 21:11:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2015.08.17 01:31:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.04.07 14:16:01 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\CALENDAR-TIMEZONES@MOZILLA.ORG
[2013.04.07 14:16:01 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\DEFAULT-PALETTE@CELTX.COM
[2013.04.07 14:16:01 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\EMOTICONS-MSN-SMILEYS@M513901.DE
[2013.04.07 14:16:01 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\INSPECTOR@MOZILLA.ORG
[2013.04.07 14:16:01 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-BLACKENED@ADDONS.INSTANTBIRD.ORG
[2013.04.07 14:16:01 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-DEPTH@ADDONS.INSTANTBIRD.ORG
[2013.04.07 14:16:01 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-MINIMAL20@ADDONS.INSTANTBIRD.ORG

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.8.0_51\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre1.8.0_51\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [AmazonMP3DownloaderHelper] C:\Users\marc\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe ()
O4 - HKCU..\Run: [HP Deskjet 3520 series (NET)] C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab (Java Plug-in 11.51.2)
O16 - DPF: {CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab (Java Plug-in 1.8.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab (Java Plug-in 11.51.2)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E5EED16-FAE9-4D0C-94ED-29161FBA4F59}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f92e68c8-2655-11e2-aa19-70f3955ed82f}\Shell - "" = AutoRun
O33 - MountPoints2\{f92e68c8-2655-11e2-aa19-70f3955ed82f}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:64bit: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015.08.17 10:58:16 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\CEF
[2015.08.13 14:48:50 | 000,000,000 | ---D | C] -- C:\Users\marc\Desktop\Hamdullah 13.08
[2015.08.13 12:41:46 | 000,000,000 | ---D | C] -- C:\Users\marc\AppData\Local\Audible
[2015.08.13 12:41:36 | 000,255,352 | ---- | C] (Audible, Inc.) -- C:\Windows\SysWow64\awrdscdc.ax
[2015.08.13 12:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
[2015.08.13 12:41:26 | 000,000,000 | ---D | C] -- C:\Users\marc\Documents\Audible
[2015.08.13 12:27:06 | 000,000,000 | ---D | C] -- C:\Users\marc\Desktop\Bärenjäger 2.8
[2015.08.08 08:11:56 | 000,000,000 | -H-D | C] -- C:\$Windows.~BT
[2015.08.07 21:46:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015.08.07 21:45:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015.08.07 21:45:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015.08.07 21:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015.08.07 21:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.07.12 10:28:44 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\marc\Desktop\*.tmp files -> C:\Users\marc\Desktop\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015.08.23 20:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.08.23 20:38:01 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.08.23 20:38:01 | 000,026,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.08.23 20:31:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.08.23 16:27:20 | 001,643,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.08.23 16:27:20 | 000,708,058 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2015.08.23 16:27:20 | 000,661,564 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.08.23 16:27:20 | 000,153,382 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2015.08.23 16:27:20 | 000,125,178 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.08.23 10:34:57 | 000,001,942 | ---- | M] () -- C:\Users\marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3520 series (Netzwerk).lnk
[2015.08.23 10:34:26 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2015.08.18 22:51:26 | 000,721,447 | ---- | M] () -- C:\Users\marc\Desktop\Vertrag_2288772.pdf
[2015.08.13 12:41:40 | 000,001,978 | ---- | M] () -- C:\Users\marc\Desktop\Audible Manager.lnk
[2015.08.13 12:41:36 | 000,255,352 | ---- | M] (Audible, Inc.) -- C:\Windows\SysWow64\awrdscdc.ax
[2015.08.13 11:54:12 | 000,423,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.08.12 15:53:04 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFormarc.job
[2015.07.31 15:09:54 | 000,001,512 | ---- | M] () -- C:\Users\marc\.recently-used.xbel
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\marc\Desktop\*.tmp files -> C:\Users\marc\Desktop\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015.08.18 22:51:26 | 000,721,447 | ---- | C] () -- C:\Users\marc\Desktop\Vertrag_2288772.pdf
[2015.08.17 10:23:48 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015.08.13 12:41:40 | 000,001,978 | ---- | C] () -- C:\Users\marc\Desktop\Audible Manager.lnk
[2015.07.31 15:09:54 | 000,001,512 | ---- | C] () -- C:\Users\marc\.recently-used.xbel
[2015.04.28 11:12:43 | 000,000,500 | ---- | C] () -- C:\Users\marc\AppData\Local\62107B2F_stp.CIS.part
[2015.04.28 11:12:41 | 019,783,680 | ---- | C] () -- C:\Users\marc\AppData\Local\62107B2F_stp.CIS
[2015.04.28 11:12:36 | 000,000,290 | ---- | C] () -- C:\Users\marc\AppData\Local\59ED2468_stp.CIS.part
[2015.04.28 11:12:34 | 000,202,535 | ---- | C] () -- C:\Users\marc\AppData\Local\59ED2468_stp.CIS
[2015.04.28 11:12:25 | 000,000,220 | ---- | C] () -- C:\Users\marc\AppData\Local\5D515C96_stp.CIS.part
[2015.04.28 11:12:24 | 000,385,602 | ---- | C] () -- C:\Users\marc\AppData\Local\5D515C96_stp.CIS
[2014.04.30 14:00:34 | 000,004,535 | ---- | C] () -- C:\Users\marc\AppData\Roaming\CamStudio.cfg
[2014.04.30 14:00:34 | 000,000,408 | ---- | C] () -- C:\Users\marc\AppData\Roaming\CamShapes.ini
[2014.04.30 14:00:34 | 000,000,408 | ---- | C] () -- C:\Users\marc\AppData\Roaming\CamLayout.ini
[2014.04.30 14:00:34 | 000,000,124 | ---- | C] () -- C:\Users\marc\AppData\Roaming\Camdata.ini
[2014.04.30 13:58:32 | 000,000,096 | ---- | C] () -- C:\Users\marc\AppData\Roaming\version2.xml
[2014.02.02 17:46:36 | 000,001,478 | ---- | C] () -- C:\Users\marc\AppData\Local\RecConfig.xml
[2013.12.28 18:32:27 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.12.12 11:58:03 | 000,068,640 | ---- | C] () -- C:\Windows\unTMV.exe
[2013.05.16 22:10:47 | 001,617,462 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.17 15:26:36 | 000,004,096 | -H-- | C] () -- C:\Users\marc\AppData\Local\keyfile3.drm
[2012.12.19 01:32:01 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.12.19 01:32:01 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2030.DAT
[2011.03.20 21:46:12 | 000,001,854 | ---- | C] () -- C:\Users\marc\AppData\Roaming\GhostObjGAFix.xml
[2011.03.05 16:26:42 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.02.07 10:47:55 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.01.29 19:28:13 | 000,017,408 | ---- | C] () -- C:\Users\marc\AppData\Local\WebpageIcons.db
[2010.12.26 12:00:11 | 000,049,664 | ---- | C] () -- C:\Users\marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.26 03:41:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.11 13:28:41 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.09.01 13:33:42 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.07.10 22:49:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.07.10 22:47:03 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010.07.10 22:38:31 | 000,000,268 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010.07.10 22:38:31 | 000,000,209 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010.05.16 22:05:17 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010.05.16 21:06:19 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010.03.03 08:08:14 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.03.03 08:08:14 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.03.03 08:08:14 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.03.03 08:08:12 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.03.03 08:08:10 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.02.23 21:15:02 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.02.09 18:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2013.09.22 11:10:47 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Amazon
[2014.01.29 11:56:09 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\AnvSoft
[2014.02.02 15:32:53 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Apowersoft
[2013.12.14 15:35:19 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Ashampoo
[2015.03.16 22:36:44 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\DVDVideoSoft
[2012.01.17 17:27:26 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Greyfirst
[2015.07.31 15:09:54 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\gtk-2.0
[2013.05.16 19:24:17 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\iuLab
[2014.02.01 20:55:54 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Nokia
[2013.05.11 22:29:55 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\OpenCandy
[2013.07.15 17:45:26 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Opera Software
[2012.11.11 15:21:47 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Origin
[2014.02.01 20:55:41 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\PC Suite
[2011.04.30 16:17:45 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\temp
[2013.05.28 23:32:28 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\TuneUp Software
[2015.08.15 13:17:32 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\uTorrent
[2010.12.26 11:59:18 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Video DVD Maker FREE
[2013.03.08 14:56:46 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\Xilisoft
[2011.06.03 17:05:28 | 000,000,000 | ---D | M] -- C:\Users\marc\AppData\Roaming\XMedia Recode
[2015.05.26 20:34:29 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %SYSTEMDRIVE%\*. >[/color]
[2011.01.13 20:34:39 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2015.08.08 08:11:58 | 000,000,000 | -H-D | M] -- C:\$Windows.~BT
[2010.11.24 16:32:16 | 000,000,000 | ---D | M] -- C:\8d5d43f4ece74a104c54816baba4
[2010.05.17 08:22:11 | 000,000,000 | -HSD | M] -- C:\boot
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.08.31 17:31:57 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.07.10 22:58:39 | 000,000,000 | -H-D | M] -- C:\HP
[2013.05.26 17:52:51 | 000,000,000 | ---D | M] -- C:\Intel
[2013.05.16 19:19:36 | 000,000,000 | ---D | M] -- C:\MRecord
[2010.09.11 13:24:35 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.07.06 16:10:32 | 000,000,000 | ---D | M] -- C:\Netgear
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2015.08.07 21:45:21 | 000,000,000 | R--D | M] -- C:\Program Files
[2015.08.07 21:45:21 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2015.05.19 12:51:53 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.08.31 17:31:57 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.08.31 17:36:37 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.02.13 09:25:29 | 000,000,000 | ---D | M] -- C:\SwSetup
[2015.08.23 21:48:15 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.08.31 17:36:41 | 000,000,000 | -H-D | M] -- C:\SYSTEM.SAV
[2010.08.31 17:32:06 | 000,000,000 | R--D | M] -- C:\Users
[2010.12.26 11:59:18 | 000,000,000 | ---D | M] -- C:\videodvdmaker
[2015.08.13 11:51:26 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %PROGRAMFILES%\*.exe >[/color]

[color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]


[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[color=#A23BEC]< MD5 for: REGEDIT.EXE >[/color]
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2013.09.26 20:26:12 | 098,009,570 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\霁왤ᵌ’
[2013.09.26 20:26:12 | 098,009,570 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\霁왤ᵌ’

< End of report >
Seitenanfang Seitenende
25.08.2015, 23:38
Member
Avatar Gool

Beiträge: 4730
#2 Ok, die gute Nachricht: es sieht nicht so aus, als ob Du Dir einen Virus eingefangen hättest.
Die Updater.exe kommt mit großer Sicherheit von Skype. Hier wäre es sinnvoll, wenn Du auf skype.com gehst und Dir gleich die neue Version herunterlädst und installierst. Das könnte das Problem beheben.

Die schlechte Nachricht: die Geschwindigkeit deines Rechners lässt sich durch das Skype-Update nicht beeinflussen. Du könntest allenfalls unnötige Software deinstallieren und Programme bzw. deren "Helper", die Du nicht regelmäßig benötigst, aus dem Autostart entfernen. Außerdem solltest Du Dich von TuneUp verabschieden, da das durchaus das System verlangsamen kann. Ansonsten hilft bei einem langsamen meistens nur eine Neuinstallation und - falls noch nicht vorhanden - eine SSD.
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: