| |
| |||||||
Log-Analyse und Auswertung: Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
06.01.2014, 01:27
| #1 |
 |  Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. Hallo, beim Zocken von Grid2 über Steam fuhr ich kürzlich plötzlich laufend gegen die Wand, machte Drehungen, blieb stehen etc. Ich fand schnell, dass der Rechner offensichtlich irgendwoher Tastaturanschläge gemeldet bekam, die mit mir nichts zu tun hatten. Nach einem Neustart war das Problem zunächst behoben, trat jedoch gerade vorhin massiv erneut auf. Ich ließ daraufhin mal Antimalwarebytes über den Rechner laufen, und das Programm wurde mehr als fündig. Ich ließ das Programm alle identifizierten Probleme beheben. Hier das Ergebnis: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.05.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 XXX :: NANOXWIN7 [Administrator] 05.01.2014 23:44:16 mbam-log-2014-01-05 (23-44-16).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 224404 Laufzeit: 3 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 34 HKCR\AppID\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{2C141B4C-B5BA-4E89-BE73-F71ED4A208CF} (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\mixidj.mixidjappCore.1 (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\mixidj.mixidjappCore (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\mixidj.mixidjHlpr.1 (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\mixidj.mixidjHlpr (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{7D0EE142-0642-4FDD-AF73-7399C04E1041} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\esrv.mixidjESrvc.1 (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\esrv.mixidjESrvc (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{C3F978C3-0594-4397-B8E6-3F9D9BE6A7B9} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\escort.escortIEPane.1 (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\escort.escortIEPane (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\mixidj.mixidjdskBnd.1 (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\mixidj.mixidjdskBnd (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{F9221CC8-22DF-4CEF-B8ED-BA87F1F09878} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\m (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Typelib\{8BA772A8-AC4F-4954-9B5E-433CA6DC506F} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{108F5878-71F9-4B5C-9EC0-58CEC29E8124} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A105B30B-D103-4781-B18C-E8DF93B6EBD0} (PUP.Optional.MixiDJ.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\MIXIDJ\MIXIDJ (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\mixidj\mixidj (PUP.Optional.MixiDJ.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BITGUARD (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MixiDJ chrome Toolbar (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mixidj (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 4 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Daten: hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=80D7902B3451FB3B&affID=121128&tsp=5004 -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Daten: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\mixidj\mixidj|tlbrSrchUrl (PUP.Optional.MixiDJToolbar.A) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SYSTEM\CurrentControlSet\Services\BitGuard|ImagePath (PUP.Optional.BitGuard.A) -> Daten: C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 1 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bösartig: (hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=80D7902B3451FB3B&affID=121128&tsp=5004) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 14 C:\Users\XXX\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\mixidj\mixidj\1.8.18.8 (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Local\Temp\mt_ffx\mixidj (PUP.Optional.MixiDJToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Local\Temp\mt_ffx\mixidj\mixidj (PUP.Optional.MixiDJToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Local\Temp\mt_ffx\mixidj\mixidj\1.8.18.8 (PUP.Optional.MixiDJToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\mixidj (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 35 C:\Users\XXX\AppData\Local\Temp\7224F989-BAB0-7891-B14D-7BE7DCF4E0CC\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Local\Temp\7224F989-BAB0-7891-B14D-7BE7DCF4E0CC\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Local\Temp\bus1B6D\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Local\Temp\bus4635\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Local\Temp\bus5E17\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Local\Temp\bus84BA\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Local\Temp\busDEBC\CrxUpdater_d.exe (PUP.Optional.CRX.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\BabSolution\CR\mixiDj.crx (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\BabSolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\BabSolution\Shared\MixiDJ.ico (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\escortShld.dll (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\GUninstaller.exe (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\uninstall.exe (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\XXX\AppData\Roaming\mixidj\sqlite3.dll (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.05.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 XXX :: NANOXWIN7 [Administrator] 05.01.2014 23:58:23 mbam-log-2014-01-05 (23-58-23).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 224394 Laufzeit: 2 Minute(n), 23 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Defogger Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 00:15 on 06/01/2014 (XXX)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by XXX (administrator) on NANOXWIN7 on 06-01-2014 00:17:27
Running from C:\Users\XXX\Desktop\Downloads\AntivirenProgramme\Farbar Recovery Scan Tool
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Elgato Systems) C:\Program Files (x86)\Common Files\TERRATEC\Remote\TTTvRc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\AMD\Catalyst\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Tools\AudioSwitch\AudioSwitch.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
(Dropbox, Inc.) C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\Samsung Magician.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe
(Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(ATI Technologies Inc.) C:\AMD\Catalyst\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla\Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\AMD\Catalyst\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\Updreg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] - C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [Live! Central 3] - C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [503955 2011-04-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [FastAccess Web Alert] - C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\FAInstaller\FAtry.exe [2033648 2011-07-11] (Microsoft)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Remote Control Editor] - C:\Program Files (x86)\Common Files\TERRATEC\Remote\TTTvRc.exe [1835008 2012-07-05] (Elgato Systems)
HKCU\...\Run: [Xvid] - C:\Program Files (x86)\Treiber\Codecs\CheckUpdate.exe [8192 2011-01-17] ()
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AudioSwitch.lnk
ShortcutTarget: AudioSwitch.lnk -> C:\Program Files (x86)\Tools\AudioSwitch\AudioSwitch.exe ()
Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\Samsung Magician.exe (Samsung Electronics.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://mixidj.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=80D7902B3451FB3B&affID=121128&tsp=5004
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TERRATEC Electronic GmbH\Terratec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{313DD21D-1719-4832-BEC1-3734BA1DD133}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default
FF user.js: detected! => C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\user.js
FF NewTab: hxxp://mixidj.delta-search.com/?babsrc=NT_ss&mntrId=80D7902B3451FB3B&affID=121128&tsp=5004
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @comrade.gamespy.com/comrade - C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\XXX\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\searchplugins\mixidj.xml
FF Extension: GFACE Experience Plugin - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\cryenginebrowserplugin@crytek.com
FF Extension: Xmarks - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\foxmarks@kei.com
FF Extension: No Name - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\staged
FF Extension: LastPass - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\support@lastpass.com
FF Extension: Flashblock - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF Extension: Speed Dial - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF Extension: WOT - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Image Zoom - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
FF Extension: Speed Dial - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: NoScript - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: DownThemAll! - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: Download Manager Tweak - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla\Firefox\firefox.exe
Chrome:
=======
CHR HomePage: hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=80D7902B3451FB3B&affID=121128&tsp=5004
CHR RestoreOnStartup: "hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=80D7902B3451FB3B&affID=121128&tsp=5004"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\pdf.dll No File
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Program Files (x86)\Mozilla\Firefox\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Comrade Plugin) - C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Nitro PDF plugin for Firefox and Chrome) - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll No File
CHR Extension: (Google Docs) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (MixiDj Chrome Toolbar) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn\1.0_0
CHR Extension: (Gmail) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-02-14] (Creative Technology Ltd)
S3 DAUpdaterSvc; x:\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [25832 2012-12-12] (BioWare)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
S3 OverwolfUpdaterService; C:\Program Files (x86)\TeamSpeak\Overwolf\OverwolfUpdater.exe [18360 2013-10-23] (Overwolf Ltd)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-29] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1044760 2013-02-14] (Creative Technology Ltd)
R3 CTHDB; C:\Windows\System32\DRIVERS\CtHDb.sys [28440 2013-02-14] (Creative Technology Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-12-13] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-02] (Logitech Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 UDST7000BDA; C:\Windows\System32\DRIVERS\TerraTecUsbBda.sys [917160 2012-08-27] (TerraTec Electronic GmbH.)
S3 UDST7000HID; C:\Windows\System32\DRIVERS\TerraTecUsbHid.sys [26408 2012-08-27] (TerraTec Electronic GmbH.)
R3 VF0400Vid; C:\Windows\System32\DRIVERS\V0400Vid.sys [242816 2010-01-04] (Creative Technology Ltd.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [204800 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [253440 2012-01-20] (VIA Technologies, Inc.)
S3 GPU-Z; \??\C:\Users\YYY\AppData\Local\Temp\GPU-Z.sys [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-06 00:16 - 2014-01-06 00:16 - 00000000 ____D C:\Users\XXX\Desktop\Virentfernung Januar 2014
2013-12-28 01:51 - 2013-12-28 01:51 - 00000000 ____D C:\Users\XXX\Documents\ANNO 2070
2013-12-27 00:17 - 2013-12-27 00:17 - 00000000 ____D C:\ProgramData\Solidshield
2013-12-27 00:16 - 2013-12-27 00:16 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Ubisoft
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Users\XXX\AppData\Local\MercurySteam
2013-12-23 22:38 - 2013-12-23 22:38 - 00000000 ____D C:\Users\XXX\Documents\Reus
2013-12-22 02:47 - 2013-12-22 03:14 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Sword of the Stars - The Pit
2013-12-20 03:50 - 2013-12-20 03:50 - 00000000 ____D C:\Program Files (x86)\BRS
2013-12-20 03:50 - 2011-03-19 15:16 - 01417216 _____ (Blue Ripple Sound Limited) C:\Windows\SysWOW64\rapture3d_oal.dll
2013-12-20 03:50 - 2010-09-22 13:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\SysWOW64\mkl_blueripple.dll
2013-12-19 23:08 - 2013-12-19 23:08 - 00000000 ____D C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2013-12-19 11:10 - 2013-12-19 11:50 - 00000000 ____D C:\Users\XXX\AppData\Local\Darksiders2
2013-12-17 10:15 - 2013-12-17 10:15 - 00000000 ____D C:\GOG Games
2013-12-17 10:08 - 2014-01-05 22:18 - 00000000 ____D C:\Users\XXX\AppData\Local\GOG.com
2013-12-17 10:08 - 2013-12-17 10:08 - 00000000 ____D C:\Program Files (x86)\GoodOldGamesDownloader
2013-12-17 09:39 - 2013-12-17 09:42 - 00000000 ____D C:\Users\XXX\Documents\BattleWorldsKronos
2013-12-15 01:33 - 2013-12-15 01:33 - 00002157 _____ C:\Users\XXX\Desktop\AudacityPortable.exe - Verknüpfung.lnk
2013-12-15 00:57 - 2013-12-15 00:57 - 00000005 _____ C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2013-12-14 22:33 - 2013-12-14 22:33 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Free Video Converter.lnk
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\Documents\video
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorVideoConverter
2013-12-14 16:27 - 2013-12-23 02:33 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorFreeVideoCatcher
2013-12-14 16:27 - 2013-12-14 16:27 - 00001185 _____ C:\Users\XXX\Desktop\Kastor Free Video Catcher.lnk
2013-12-14 16:27 - 2008-09-24 21:33 - 00484352 _____ C:\Windows\SysWOW64\lame_enc.dll
2013-12-14 16:12 - 2013-12-14 16:46 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorStreamRecorder
2013-12-14 16:12 - 2013-12-14 16:12 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Stream Recorder.lnk
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Program Files (x86)\AviSynth
2013-12-14 15:56 - 2013-12-14 15:56 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Reallusion
2013-12-14 14:51 - 2013-12-14 14:51 - 00001202 _____ C:\Users\Public\Desktop\No23 Recorder.lnk
2013-12-14 14:51 - 2013-12-14 14:51 - 00000000 ____D C:\ProgramData\Caphyon
2013-12-11 22:49 - 2011-05-30 14:42 - 00255488 _____ C:\Windows\system32\xvidvfw.dll
2013-12-11 22:49 - 2011-05-30 14:42 - 00240640 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-12-11 22:49 - 2011-05-23 10:52 - 00153088 _____ C:\Windows\SysWOW64\xvid.ax
2013-12-11 22:49 - 2011-05-23 08:49 - 00173568 _____ C:\Windows\system32\xvid.ax
2013-12-11 22:49 - 2011-05-23 08:46 - 00645632 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-12-11 22:49 - 2011-05-23 08:45 - 00696832 _____ C:\Windows\system32\xvidcore.dll
2013-12-11 21:44 - 2013-12-11 21:44 - 00000957 _____ C:\Users\XXX\Desktop\MonkeyJam.lnk
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Users\XXX\AppData\Roaming\MonkeyJam
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Program Files (x86)\MonkeyJam
2013-12-11 21:44 - 2005-02-27 17:11 - 00424960 _____ C:\Windows\SysWOW64\wavdest.ax
2013-12-10 21:58 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-10 21:58 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-10 21:58 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-10 21:58 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-10 21:58 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-10 21:58 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-10 21:58 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-10 21:58 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-10 21:58 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-10 21:58 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-10 21:58 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-10 21:58 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-10 21:58 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-10 21:58 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-10 21:58 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-10 21:58 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-10 21:58 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-10 21:58 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-10 21:58 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-10 21:58 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-10 21:58 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-10 21:58 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-10 21:58 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-10 21:58 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-10 21:58 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-10 21:58 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-10 21:58 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-10 21:58 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-10 21:58 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-10 21:58 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-10 21:58 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-10 21:58 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-10 21:58 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-10 21:58 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-10 21:58 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-10 21:39 - 2013-12-10 21:39 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 21:36 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-10 21:36 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-10 21:36 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-10 21:36 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-10 21:36 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-10 21:36 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-10 21:36 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-10 21:36 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 21:36 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-10 21:36 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-10 21:36 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-10 21:36 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-10 21:36 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-10 21:36 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-10 21:36 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-10 21:36 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-10 21:36 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-10 21:36 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-10 21:36 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 02:27 - 2013-12-10 02:27 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Naval Warfare
==================== One Month Modified Files and Folders =======
2014-01-06 00:16 - 2014-01-06 00:16 - 00000000 ____D C:\Users\XXX\Desktop\Virentfernung Januar 2014
2014-01-06 00:04 - 2009-07-14 05:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-06 00:04 - 2009-07-14 05:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-06 00:01 - 2012-12-11 11:21 - 00710502 _____ C:\Windows\system32\perfh007.dat
2014-01-06 00:01 - 2012-12-11 11:21 - 00154832 _____ C:\Windows\system32\perfc007.dat
2014-01-06 00:01 - 2009-07-14 06:13 - 01651686 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-06 00:00 - 2012-12-11 02:29 - 01891685 _____ C:\Windows\WindowsUpdate.log
2014-01-05 23:57 - 2013-02-26 14:54 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Dropbox
2014-01-05 23:57 - 2013-02-18 10:59 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-05 23:57 - 2012-12-11 14:06 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Nitro PDF
2014-01-05 23:57 - 2010-11-21 04:47 - 00352332 _____ C:\Windows\PFRO.log
2014-01-05 23:57 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-05 23:57 - 2009-07-14 05:51 - 00123912 _____ C:\Windows\setupact.log
2014-01-05 23:54 - 2013-09-13 22:16 - 00000000 ____D C:\ProgramData\BitGuard
2014-01-05 23:42 - 2013-02-28 08:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-05 23:42 - 2012-12-13 23:56 - 00000000 ___RD C:\Users\XXX\Desktop\Selten benötigt
2014-01-05 23:37 - 2013-02-18 10:59 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-05 22:18 - 2013-12-17 10:08 - 00000000 ____D C:\Users\XXX\AppData\Local\GOG.com
2014-01-05 22:03 - 2012-12-11 04:27 - 00000000 ___RD C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-01-04 22:01 - 2013-11-21 03:02 - 00000740 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-04 22:00 - 2013-11-21 03:02 - 00000000 ____D C:\Users\XXX\AppData\Roaming\vlc
2013-12-28 01:51 - 2013-12-28 01:51 - 00000000 ____D C:\Users\XXX\Documents\ANNO 2070
2013-12-27 22:28 - 2013-01-14 10:15 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-12-27 10:03 - 2013-06-12 09:47 - 00000020 ____H C:\ProgramData\PKP_DLev.DAT
2013-12-27 10:03 - 2013-06-12 09:47 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2013-12-27 00:17 - 2013-12-27 00:17 - 00000000 ____D C:\ProgramData\Solidshield
2013-12-27 00:16 - 2013-12-27 00:16 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Ubisoft
2013-12-27 00:12 - 2012-12-11 22:04 - 00508412 _____ C:\Windows\DirectX.log
2013-12-26 22:39 - 2012-12-16 17:43 - 00000000 ____D C:\Users\Public\Documents\Gescannte Dateien
2013-12-25 10:57 - 2013-06-13 10:01 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Apple Computer
2013-12-25 10:54 - 2013-06-13 10:01 - 00000000 ____D C:\Users\XXX\AppData\Local\Apple Computer
2013-12-25 01:38 - 2013-01-08 21:42 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Kalypso Media
2013-12-25 01:38 - 2012-12-12 10:53 - 00000000 ____D C:\Users\XXX\Documents\my games
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Users\XXX\AppData\Local\MercurySteam
2013-12-23 22:38 - 2013-12-23 22:38 - 00000000 ____D C:\Users\XXX\Documents\Reus
2013-12-23 02:33 - 2013-12-14 16:27 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorFreeVideoCatcher
2013-12-22 03:14 - 2013-12-22 02:47 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Sword of the Stars - The Pit
2013-12-20 03:50 - 2013-12-20 03:50 - 00000000 ____D C:\Program Files (x86)\BRS
2013-12-20 03:50 - 2013-11-22 04:55 - 00000000 ____D C:\ProgramData\Codemasters
2013-12-20 03:50 - 2012-12-16 01:14 - 00000000 ____D C:\Program Files (x86)\OpenAL
2013-12-19 23:08 - 2013-12-19 23:08 - 00000000 ____D C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2013-12-19 15:14 - 2013-02-08 22:34 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Skype
2013-12-19 11:50 - 2013-12-19 11:10 - 00000000 ____D C:\Users\XXX\AppData\Local\Darksiders2
2013-12-19 11:10 - 2012-12-11 21:57 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-12-18 10:56 - 2013-02-08 22:34 - 00000000 ____D C:\ProgramData\Skype
2013-12-18 10:55 - 2013-09-20 01:15 - 00013312 _____ C:\Users\XXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-18 10:55 - 2013-02-08 22:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-17 21:21 - 2009-07-14 05:45 - 00317104 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-17 14:23 - 2013-05-07 14:14 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-17 14:23 - 2013-04-07 13:59 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-17 14:23 - 2013-04-07 13:59 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-17 10:15 - 2013-12-17 10:15 - 00000000 ____D C:\GOG Games
2013-12-17 10:08 - 2013-12-17 10:08 - 00000000 ____D C:\Program Files (x86)\GoodOldGamesDownloader
2013-12-17 10:08 - 2012-12-11 03:03 - 00069624 _____ C:\Users\XXX\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-17 09:42 - 2013-12-17 09:39 - 00000000 ____D C:\Users\XXX\Documents\BattleWorldsKronos
2013-12-15 01:33 - 2013-12-15 01:33 - 00002157 _____ C:\Users\XXX\Desktop\AudacityPortable.exe - Verknüpfung.lnk
2013-12-15 01:03 - 2012-12-17 13:08 - 00000000 ____D C:\Program Files (x86)\Tools
2013-12-15 00:57 - 2013-12-15 00:57 - 00000005 _____ C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2013-12-15 00:57 - 2013-06-13 10:01 - 00000000 ____D C:\Users\XXX\AppData\Roaming\HTC
2013-12-15 00:57 - 2013-06-13 10:01 - 00000000 ____D C:\ProgramData\HTC
2013-12-15 00:57 - 2013-06-13 10:00 - 00000000 ____D C:\Program Files (x86)\HTC
2013-12-15 00:53 - 2013-06-12 09:47 - 00000020 ____H C:\ProgramData\PKP_DLes.DAT
2013-12-14 22:33 - 2013-12-14 22:33 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Free Video Converter.lnk
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\Documents\video
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorVideoConverter
2013-12-14 16:46 - 2013-12-14 16:12 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorStreamRecorder
2013-12-14 16:27 - 2013-12-14 16:27 - 00001185 _____ C:\Users\XXX\Desktop\Kastor Free Video Catcher.lnk
2013-12-14 16:12 - 2013-12-14 16:12 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Stream Recorder.lnk
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Program Files (x86)\AviSynth
2013-12-14 15:56 - 2013-12-14 15:56 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Reallusion
2013-12-14 15:56 - 2013-03-08 16:31 - 00000000 ____D C:\ProgramData\Creative
2013-12-14 14:51 - 2013-12-14 14:51 - 00001202 _____ C:\Users\Public\Desktop\No23 Recorder.lnk
2013-12-14 14:51 - 2013-12-14 14:51 - 00000000 ____D C:\ProgramData\Caphyon
2013-12-14 14:07 - 2012-12-11 02:29 - 00000000 ___RD C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-14 01:27 - 2012-12-11 10:29 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Nitro
2013-12-13 07:49 - 2012-12-11 04:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-12 20:57 - 2012-12-11 04:17 - 00000000 ____D C:\Program Files (x86)\Mozilla
2013-12-11 21:44 - 2013-12-11 21:44 - 00000957 _____ C:\Users\XXX\Desktop\MonkeyJam.lnk
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Users\XXX\AppData\Roaming\MonkeyJam
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Program Files (x86)\MonkeyJam
2013-12-11 15:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-11 00:42 - 2013-02-28 08:37 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 00:42 - 2013-02-20 20:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 00:42 - 2013-02-20 20:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 21:57 - 2013-08-19 06:23 - 00000000 ____D C:\Windows\system32\MRT
2013-12-10 21:56 - 2012-12-11 03:38 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 21:39 - 2013-12-10 21:39 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 21:39 - 2013-02-18 10:59 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-10 02:29 - 2013-11-16 21:50 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-10 02:27 - 2013-12-10 02:27 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Naval Warfare
2013-12-09 08:52 - 2013-03-15 16:07 - 00001257 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2013-12-09 08:52 - 2012-12-12 11:00 - 00000000 ____D C:\Program Files (x86)\Samsung
Files to move or delete:
====================
C:\ProgramData\PKP_DLeo.DAT
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
Some content of TEMP:
====================
C:\Users\XXX\AppData\Local\Temp\13-1_vista_win7_win8_64_dd_ccc_whql.exe
C:\Users\XXX\AppData\Local\Temp\ac37f03d3210d90ea3de2f27db37018d.dll
C:\Users\XXX\AppData\Local\Temp\AutoRun.exe
C:\Users\XXX\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\XXX\AppData\Local\Temp\avgnt.exe
C:\Users\XXX\AppData\Local\Temp\ChangeIcon.exe
C:\Users\XXX\AppData\Local\Temp\CheckLang.dll
C:\Users\XXX\AppData\Local\Temp\comver.dll
C:\Users\XXX\AppData\Local\Temp\CtRunApp.dll
C:\Users\XXX\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\XXX\AppData\Local\Temp\nitro_reader3_x64.exe
C:\Users\XXX\AppData\Local\Temp\npp.6.4.5.Installer.exe
C:\Users\XXX\AppData\Local\Temp\npp.6.5.Installer.exe
C:\Users\XXX\AppData\Local\Temp\SkypeSetup.exe
C:\Users\XXX\AppData\Local\Temp\sonarinst.exe
C:\Users\XXX\AppData\Local\Temp\tmpBC03.exe
C:\Users\XXX\AppData\Local\Temp\tmpC0B5.exe
C:\Users\XXX\AppData\Local\Temp\tmpC3D2.exe
C:\Users\XXX\AppData\Local\Temp\tmpCFA5.exe
C:\Users\XXX\AppData\Local\Temp\vlc-2.1.2-win64.exe
C:\Users\XXX\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-04 22:21
==================== End Of Log ============================
--- --- --- (eine Addition.txt fand ich nicht; wenn ich es richtig verstehe, wird die erst ab dem zweiten Durchlauf von FRST.exe generiert, richtig?) GMER, 1. Durchlauf [code] GMER Logfile: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2014-01-06 00:33:46
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_SSD_830_Series rev.CXM03B1Q 238,47GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\YYY\AppData\Local\Temp\uwlcqpog.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000071f91a22 2 bytes [F9, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000071f91ad0 2 bytes [F9, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000071f91b08 2 bytes [F9, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000071f91bba 2 bytes [F9, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000071f91bda 2 bytes [F9, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000770e1465 2 bytes [0E, 77]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770e14bb 2 bytes [0E, 77]
.text ... * 2
.text C:\Program Files (x86)\Common Files\TERRATEC\Remote\TTTvRc.exe[3456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000770e1465 2 bytes [0E, 77]
.text C:\Program Files (x86)\Common Files\TERRATEC\Remote\TTTvRc.exe[3456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770e14bb 2 bytes [0E, 77]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000770e1465 2 bytes [0E, 77]
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770e14bb 2 bytes [0E, 77]
.text ... * 2
.text C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe[3524] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 00000000770e1465 2 bytes [0E, 77]
.text C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe[3524] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000770e14bb 2 bytes [0E, 77]
.text ... * 2
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35 000000006fc511a8 2 bytes [C5, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21 000000006fc513a8 2 bytes [C5, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21 000000006fc51422 2 bytes [C5, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19 000000006fc51498 2 bytes [C5, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 195 000000006f341b41 2 bytes [34, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 362 000000006f341be8 2 bytes [34, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 418 000000006f341c20 2 bytes [34, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 596 000000006f341cd2 2 bytes [34, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 628 000000006f341cf2 2 bytes [34, 6F]
---- EOF - GMER 2.1 ----
Ich hatte den Rechner zum Trennen vom Netzwerk heruntergefahren, nach dem Neustart und vor dem Start von GMER aber vergessen, den Virenschutz wieder auszuschalten. Daher Avira deaktiviert und GMER erneut laufen lassen. GMER, 2. Durchlauf [code] GMER Logfile: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2014-01-06 00:43:17
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_SSD_830_Series rev.CXM03B1Q 238,47GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\YYY\AppData\Local\Temp\uwlcqpog.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000071f91a22 2 bytes [F9, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000071f91ad0 2 bytes [F9, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000071f91b08 2 bytes [F9, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000071f91bba 2 bytes [F9, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000071f91bda 2 bytes [F9, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000770e1465 2 bytes [0E, 77]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770e14bb 2 bytes [0E, 77]
.text ... * 2
.text C:\Program Files (x86)\Common Files\TERRATEC\Remote\TTTvRc.exe[3456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000770e1465 2 bytes [0E, 77]
.text C:\Program Files (x86)\Common Files\TERRATEC\Remote\TTTvRc.exe[3456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770e14bb 2 bytes [0E, 77]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000770e1465 2 bytes [0E, 77]
.text C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000770e14bb 2 bytes [0E, 77]
.text ... * 2
.text C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe[3524] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 00000000770e1465 2 bytes [0E, 77]
.text C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe[3524] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000770e14bb 2 bytes [0E, 77]
.text ... * 2
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35 000000006fc511a8 2 bytes [C5, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21 000000006fc513a8 2 bytes [C5, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21 000000006fc51422 2 bytes [C5, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19 000000006fc51498 2 bytes [C5, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 195 000000006f341b41 2 bytes [34, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 362 000000006f341be8 2 bytes [34, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 418 000000006f341c20 2 bytes [34, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 596 000000006f341cd2 2 bytes [34, 6F]
.text C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe[3936] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 628 000000006f341cf2 2 bytes [34, 6F]
---- Threads - GMER 2.1 ----
Thread C:\Windows\SysWOW64\ntdll.dll [812:816] 0000000000d8d1f6
Thread C:\Windows\SysWOW64\ntdll.dll [812:156] 0000000074f7a7e0
Thread C:\Windows\SysWOW64\ntdll.dll [812:680] 0000000073cc8960
Thread C:\Windows\SysWOW64\ntdll.dll [812:600] 0000000073cc8960
Thread C:\Windows\SysWOW64\ntdll.dll [812:716] 0000000073cc8960
Thread C:\Windows\SysWOW64\ntdll.dll [812:652] 0000000073cc4090
Thread C:\Windows\SysWOW64\ntdll.dll [812:4584] 00000000750ee2cb
---- EOF - GMER 2.1 ----
Jetzt schon vielen Dank für Eure Hilfe dabei, den rechner hoffentlich wieder blank zu bekommen. Grüße JdD Geändert von JohnyderDepp (06.01.2014 um 01:31 Uhr) Grund: Danke, und Grüße, hinzugefügt |
|
06.01.2014, 01:50
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. Hallo, wo ist denn das andere Log von FRST, also die additions.txt?
__________________
__________________ |
|
06.01.2014, 05:36
| #3 | |
| | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a.Zitat:
Ich habe das so verstanden, dass die Additions.txt nur erstellt wird, wenn bereits eine FRST.txt vorhanden ist, also frühestens beim zweiten Scan. Oder liege ich falsch? Wo müsste ich die Additions.txt denn suchen, wenn nicht im Startverzeichnis von FRST.exe? |
|
06.01.2014, 08:36
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. Ab dem zweiten Start von FRST ist kein Haken mehr gesetzt bei additions.txt FRST starten, Haken setzen bei additions.txt und neue Logs erstellen
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
06.01.2014, 10:41
| #5 |
| | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. Aha. Das könnte man für so Deppen wie mich evtl. klarstellen (ich habe meinen alias nicht zufällig gewählt; da steckt eine Menge Erfahrung drin). Da heißt es ja "Ändere ungefragt keine der Checkboxen und klicke auf Scan.", also habe ich mich mit den Checkboxen nicht weiter auseinandergesetzt. FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by XXX (administrator) on NANOXWIN7 on 06-01-2014 10:30:12
Running from C:\Users\XXX\Desktop\Downloads\AntivirenProgramme\Farbar Recovery Scan Tool
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Elgato Systems) C:\Program Files (x86)\Common Files\TERRATEC\Remote\TTTvRc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\Tools\AudioSwitch\AudioSwitch.exe
(Dropbox, Inc.) C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\Samsung Magician.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\AMD\Catalyst\ATI.ACE\Core-Static\MOM.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe
(Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(ATI Technologies Inc.) C:\AMD\Catalyst\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\AMD\Catalyst\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\Updreg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] - C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative
Technology Ltd)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [Live! Central 3] - C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [503955 2011-04-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [FastAccess Web Alert] - C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\FAInstaller\FAtry.exe [2033648 2011-07-11] (Microsoft)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Remote Control Editor] - C:\Program Files (x86)\Common Files\TERRATEC\Remote\TTTvRc.exe [1835008 2012-07-05] (Elgato Systems)
HKCU\...\Run: [Xvid] - C:\Program Files (x86)\Treiber\Codecs\CheckUpdate.exe [8192 2011-01-17] ()
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AudioSwitch.lnk
ShortcutTarget: AudioSwitch.lnk -> C:\Program Files (x86)\Tools\AudioSwitch\AudioSwitch.exe ()
Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\Samsung Magician.exe (Samsung Electronics.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://mixidj.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=80D7902B3451FB3B&affID=121128&tsp=5004
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TERRATEC Electronic GmbH\Terratec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{313DD21D-1719-4832-BEC1-3734BA1DD133}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default
FF user.js: detected! => C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\user.js
FF NewTab: hxxp://mixidj.delta-search.com/?babsrc=NT_ss&mntrId=80D7902B3451FB3B&affID=121128&tsp=5004
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @comrade.gamespy.com/comrade - C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\XXX\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\searchplugins\mixidj.xml
FF Extension: GFACE Experience Plugin - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\cryenginebrowserplugin@crytek.com
FF Extension: Xmarks - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\foxmarks@kei.com
FF Extension: No Name - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\staged
FF Extension: LastPass - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\support@lastpass.com
FF Extension: Flashblock - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF Extension: Speed Dial - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF Extension: WOT - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Image Zoom - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
FF Extension: Speed Dial - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: NoScript - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: DownThemAll! - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: Download Manager Tweak - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla\Firefox\firefox.exe
Chrome:
=======
CHR HomePage: hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=80D7902B3451FB3B&affID=121128&tsp=5004
CHR RestoreOnStartup: "hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=80D7902B3451FB3B&affID=121128&tsp=5004"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\pdf.dll No File
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Program Files (x86)\Mozilla\Firefox\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Comrade Plugin) - C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Nitro PDF plugin for Firefox and Chrome) - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll No File
CHR Extension: (Google Docs) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (MixiDj Chrome Toolbar) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn\1.0_0
CHR Extension: (Gmail) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-02-14] (Creative Technology Ltd)
S3 DAUpdaterSvc; x:\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [25832 2012-12-12] (BioWare)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
S3 OverwolfUpdaterService; C:\Program Files (x86)\TeamSpeak\Overwolf\OverwolfUpdater.exe [18360 2013-10-23] (Overwolf Ltd)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-29] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1044760 2013-02-14] (Creative Technology Ltd)
R3 CTHDB; C:\Windows\System32\DRIVERS\CtHDb.sys [28440 2013-02-14] (Creative Technology Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-12-13] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-02] (Logitech Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 UDST7000BDA; C:\Windows\System32\DRIVERS\TerraTecUsbBda.sys [917160 2012-08-27] (TerraTec Electronic GmbH.)
S3 UDST7000HID; C:\Windows\System32\DRIVERS\TerraTecUsbHid.sys [26408 2012-08-27] (TerraTec Electronic GmbH.)
R3 VF0400Vid; C:\Windows\System32\DRIVERS\V0400Vid.sys [242816 2010-01-04] (Creative Technology Ltd.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [204800 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [253440 2012-01-20] (VIA Technologies, Inc.)
S3 GPU-Z; \??\C:\Users\YYY\AppData\Local\Temp\GPU-Z.sys [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-06 00:16 - 2014-01-06 01:24 - 00000000 ____D C:\Users\XXX\Desktop\Virentfernung Januar 2014
2013-12-28 01:51 - 2013-12-28 01:51 - 00000000 ____D C:\Users\XXX\Documents\ANNO 2070
2013-12-27 00:17 - 2013-12-27 00:17 - 00000000 ____D C:\ProgramData\Solidshield
2013-12-27 00:16 - 2013-12-27 00:16 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Ubisoft
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Users\XXX\AppData\Local\MercurySteam
2013-12-23 22:38 - 2013-12-23 22:38 - 00000000 ____D C:\Users\XXX\Documents\Reus
2013-12-22 02:47 - 2013-12-22 03:14 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Sword of the Stars - The Pit
2013-12-20 03:50 - 2013-12-20 03:50 - 00000000 ____D C:\Program Files (x86)\BRS
2013-12-20 03:50 - 2011-03-19 15:16 - 01417216 _____ (Blue Ripple Sound Limited) C:\Windows\SysWOW64\rapture3d_oal.dll
2013-12-20 03:50 - 2010-09-22 13:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\SysWOW64\mkl_blueripple.dll
2013-12-19 23:08 - 2013-12-19 23:08 - 00000000 ____D C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2013-12-19 11:10 - 2013-12-19 11:50 - 00000000 ____D C:\Users\XXX\AppData\Local\Darksiders2
2013-12-17 10:15 - 2013-12-17 10:15 - 00000000 ____D C:\GOG Games
2013-12-17 10:08 - 2014-01-05 22:18 - 00000000 ____D C:\Users\XXX\AppData\Local\GOG.com
2013-12-17 10:08 - 2013-12-17 10:08 - 00000000 ____D C:\Program Files (x86)\GoodOldGamesDownloader
2013-12-17 09:39 - 2013-12-17 09:42 - 00000000 ____D C:\Users\XXX\Documents\BattleWorldsKronos
2013-12-15 01:33 - 2013-12-15 01:33 - 00002157 _____ C:\Users\XXX\Desktop\AudacityPortable.exe - Verknüpfung.lnk
2013-12-15 00:57 - 2013-12-15 00:57 - 00000005 _____ C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2013-12-14 22:33 - 2013-12-14 22:33 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Free Video Converter.lnk
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\Documents\video
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorVideoConverter
2013-12-14 16:27 - 2013-12-23 02:33 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorFreeVideoCatcher
2013-12-14 16:27 - 2013-12-14 16:27 - 00001185 _____ C:\Users\XXX\Desktop\Kastor Free Video Catcher.lnk
2013-12-14 16:27 - 2008-09-24 21:33 - 00484352 _____ C:\Windows\SysWOW64\lame_enc.dll
2013-12-14 16:12 - 2013-12-14 16:46 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorStreamRecorder
2013-12-14 16:12 - 2013-12-14 16:12 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Stream Recorder.lnk
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Program Files (x86)\AviSynth
2013-12-14 15:56 - 2013-12-14 15:56 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Reallusion
2013-12-14 14:51 - 2013-12-14 14:51 - 00001202 _____ C:\Users\Public\Desktop\No23 Recorder.lnk
2013-12-14 14:51 - 2013-12-14 14:51 - 00000000 ____D C:\ProgramData\Caphyon
2013-12-11 22:49 - 2011-05-30 14:42 - 00255488 _____ C:\Windows\system32\xvidvfw.dll
2013-12-11 22:49 - 2011-05-30 14:42 - 00240640 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-12-11 22:49 - 2011-05-23 10:52 - 00153088 _____ C:\Windows\SysWOW64\xvid.ax
2013-12-11 22:49 - 2011-05-23 08:49 - 00173568 _____ C:\Windows\system32\xvid.ax
2013-12-11 22:49 - 2011-05-23 08:46 - 00645632 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-12-11 22:49 - 2011-05-23 08:45 - 00696832 _____ C:\Windows\system32\xvidcore.dll
2013-12-11 21:44 - 2013-12-11 21:44 - 00000957 _____ C:\Users\XXX\Desktop\MonkeyJam.lnk
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Users\XXX\AppData\Roaming\MonkeyJam
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Program Files (x86)\MonkeyJam
2013-12-11 21:44 - 2005-02-27 17:11 - 00424960 _____ C:\Windows\SysWOW64\wavdest.ax
2013-12-10 21:58 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-10 21:58 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-10 21:58 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-10 21:58 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-10 21:58 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-10 21:58 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-10 21:58 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-10 21:58 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-10 21:58 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-10 21:58 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-10 21:58 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-10 21:58 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-10 21:58 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-10 21:58 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-10 21:58 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-10 21:58 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-10 21:58 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-10 21:58 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-10 21:58 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-10 21:58 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-10 21:58 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-10 21:58 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-10 21:58 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-10 21:58 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-10 21:58 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-10 21:58 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-10 21:58 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-10 21:58 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-10 21:58 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-10 21:58 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-10 21:58 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-10 21:58 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-10 21:58 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-10 21:58 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-10 21:58 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-10 21:39 - 2013-12-10 21:39 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 21:36 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-10 21:36 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-10 21:36 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-10 21:36 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-10 21:36 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-10 21:36 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-10 21:36 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-10 21:36 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 21:36 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-10 21:36 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-10 21:36 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-10 21:36 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-10 21:36 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-10 21:36 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-10 21:36 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-10 21:36 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-10 21:36 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-10 21:36 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-10 21:36 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 02:27 - 2013-12-10 02:27 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Naval Warfare
==================== One Month Modified Files and Folders =======
2014-01-06 10:27 - 2012-12-11 02:29 - 01924934 _____ C:\Windows\WindowsUpdate.log
2014-01-06 10:26 - 2009-07-14 05:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-06 10:26 - 2009-07-14 05:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-06 10:24 - 2012-12-11 11:21 - 00710502 _____ C:\Windows\system32\perfh007.dat
2014-01-06 10:24 - 2012-12-11 11:21 - 00154832 _____ C:\Windows\system32\perfc007.dat
2014-01-06 10:24 - 2009-07-14 06:13 - 01651686 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-06 10:20 - 2013-02-26 14:54 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Dropbox
2014-01-06 10:20 - 2013-02-18 10:59 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-06 10:20 - 2012-12-11 14:06 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Nitro PDF
2014-01-06 10:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-06 10:19 - 2009-07-14 05:51 - 00124136 _____ C:\Windows\setupact.log
2014-01-06 05:42 - 2013-02-28 08:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-06 05:37 - 2013-02-18 10:59 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-06 01:24 - 2014-01-06 00:16 - 00000000 ____D C:\Users\XXX\Desktop\Virentfernung Januar 2014
2014-01-05 23:57 - 2010-11-21 04:47 - 00352332 _____ C:\Windows\PFRO.log
2014-01-05 23:54 - 2013-09-13 22:16 - 00000000 ____D C:\ProgramData\BitGuard
2014-01-05 23:42 - 2012-12-13 23:56 - 00000000 ___RD C:\Users\XXX\Desktop\Selten benötigt
2014-01-05 22:18 - 2013-12-17 10:08 - 00000000 ____D C:\Users\XXX\AppData\Local\GOG.com
2014-01-05 22:03 - 2012-12-11 04:27 - 00000000 ___RD C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-01-04 22:01 - 2013-11-21 03:02 - 00000740 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-04 22:00 - 2013-11-21 03:02 - 00000000 ____D C:\Users\XXX\AppData\Roaming\vlc
2013-12-28 01:51 - 2013-12-28 01:51 - 00000000 ____D C:\Users\XXX\Documents\ANNO 2070
2013-12-27 22:28 - 2013-01-14 10:15 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-12-27 10:03 - 2013-06-12 09:47 - 00000020 ____H C:\ProgramData\PKP_DLev.DAT
2013-12-27 10:03 - 2013-06-12 09:47 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2013-12-27 00:17 - 2013-12-27 00:17 - 00000000 ____D C:\ProgramData\Solidshield
2013-12-27 00:16 - 2013-12-27 00:16 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Ubisoft
2013-12-27 00:12 - 2012-12-11 22:04 - 00508412 _____ C:\Windows\DirectX.log
2013-12-26 22:39 - 2012-12-16 17:43 - 00000000 ____D C:\Users\Public\Documents\Gescannte Dateien
2013-12-25 10:57 - 2013-06-13 10:01 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Apple Computer
2013-12-25 10:54 - 2013-06-13 10:01 - 00000000 ____D C:\Users\XXX\AppData\Local\Apple Computer
2013-12-25 01:38 - 2013-01-08 21:42 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Kalypso Media
2013-12-25 01:38 - 2012-12-12 10:53 - 00000000 ____D C:\Users\XXX\Documents\my games
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Users\XXX\AppData\Local\MercurySteam
2013-12-23 22:38 - 2013-12-23 22:38 - 00000000 ____D C:\Users\XXX\Documents\Reus
2013-12-23 02:33 - 2013-12-14 16:27 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorFreeVideoCatcher
2013-12-22 03:14 - 2013-12-22 02:47 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Sword of the Stars - The Pit
2013-12-20 03:50 - 2013-12-20 03:50 - 00000000 ____D C:\Program Files (x86)\BRS
2013-12-20 03:50 - 2013-11-22 04:55 - 00000000 ____D C:\ProgramData\Codemasters
2013-12-20 03:50 - 2012-12-16 01:14 - 00000000 ____D C:\Program Files (x86)\OpenAL
2013-12-19 23:08 - 2013-12-19 23:08 - 00000000 ____D C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2013-12-19 15:14 - 2013-02-08 22:34 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Skype
2013-12-19 11:50 - 2013-12-19 11:10 - 00000000 ____D C:\Users\XXX\AppData\Local\Darksiders2
2013-12-19 11:10 - 2012-12-11 21:57 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-12-18 10:56 - 2013-02-08 22:34 - 00000000 ____D C:\ProgramData\Skype
2013-12-18 10:55 - 2013-09-20 01:15 - 00013312 _____ C:\Users\XXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-18 10:55 - 2013-02-08 22:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-17 21:21 - 2009-07-14 05:45 - 00317104 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-17 14:23 - 2013-05-07 14:14 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-17 14:23 - 2013-04-07 13:59 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-17 14:23 - 2013-04-07 13:59 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-17 10:15 - 2013-12-17 10:15 - 00000000 ____D C:\GOG Games
2013-12-17 10:08 - 2013-12-17 10:08 - 00000000 ____D C:\Program Files (x86)\GoodOldGamesDownloader
2013-12-17 10:08 - 2012-12-11 03:03 - 00069624 _____ C:\Users\XXX\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-17 09:42 - 2013-12-17 09:39 - 00000000 ____D C:\Users\XXX\Documents\BattleWorldsKronos
2013-12-15 01:33 - 2013-12-15 01:33 - 00002157 _____ C:\Users\XXX\Desktop\AudacityPortable.exe - Verknüpfung.lnk
2013-12-15 01:03 - 2012-12-17 13:08 - 00000000 ____D C:\Program Files (x86)\Tools
2013-12-15 00:57 - 2013-12-15 00:57 - 00000005 _____ C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2013-12-15 00:57 - 2013-06-13 10:01 - 00000000 ____D C:\Users\XXX\AppData\Roaming\HTC
2013-12-15 00:57 - 2013-06-13 10:01 - 00000000 ____D C:\ProgramData\HTC
2013-12-15 00:57 - 2013-06-13 10:00 - 00000000 ____D C:\Program Files (x86)\HTC
2013-12-15 00:53 - 2013-06-12 09:47 - 00000020 ____H C:\ProgramData\PKP_DLes.DAT
2013-12-14 22:33 - 2013-12-14 22:33 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Free Video Converter.lnk
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\Documents\video
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorVideoConverter
2013-12-14 16:46 - 2013-12-14 16:12 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorStreamRecorder
2013-12-14 16:27 - 2013-12-14 16:27 - 00001185 _____ C:\Users\XXX\Desktop\Kastor Free Video Catcher.lnk
2013-12-14 16:12 - 2013-12-14 16:12 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Stream Recorder.lnk
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Program Files (x86)\AviSynth
2013-12-14 15:56 - 2013-12-14 15:56 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Reallusion
2013-12-14 15:56 - 2013-03-08 16:31 - 00000000 ____D C:\ProgramData\Creative
2013-12-14 14:51 - 2013-12-14 14:51 - 00001202 _____ C:\Users\Public\Desktop\No23 Recorder.lnk
2013-12-14 14:51 - 2013-12-14 14:51 - 00000000 ____D C:\ProgramData\Caphyon
2013-12-14 14:07 - 2012-12-11 02:29 - 00000000 ___RD C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-14 01:27 - 2012-12-11 10:29 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Nitro
2013-12-13 07:49 - 2012-12-11 04:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-12 20:57 - 2012-12-11 04:17 - 00000000 ____D C:\Program Files (x86)\Mozilla
2013-12-11 21:44 - 2013-12-11 21:44 - 00000957 _____ C:\Users\XXX\Desktop\MonkeyJam.lnk
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Users\XXX\AppData\Roaming\MonkeyJam
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Program Files (x86)\MonkeyJam
2013-12-11 15:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-11 00:42 - 2013-02-28 08:37 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 00:42 - 2013-02-20 20:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 00:42 - 2013-02-20 20:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 21:57 - 2013-08-19 06:23 - 00000000 ____D C:\Windows\system32\MRT
2013-12-10 21:56 - 2012-12-11 03:38 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 21:39 - 2013-12-10 21:39 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 21:39 - 2013-02-18 10:59 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-10 02:29 - 2013-11-16 21:50 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-10 02:27 - 2013-12-10 02:27 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Naval Warfare
2013-12-09 08:52 - 2013-03-15 16:07 - 00001257 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2013-12-09 08:52 - 2012-12-12 11:00 - 00000000 ____D C:\Program Files (x86)\Samsung
Files to move or delete:
====================
C:\ProgramData\PKP_DLeo.DAT
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
Some content of TEMP:
====================
C:\Users\XXX\AppData\Local\Temp\13-1_vista_win7_win8_64_dd_ccc_whql.exe
C:\Users\XXX\AppData\Local\Temp\ac37f03d3210d90ea3de2f27db37018d.dll
C:\Users\XXX\AppData\Local\Temp\AutoRun.exe
C:\Users\XXX\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\XXX\AppData\Local\Temp\avgnt.exe
C:\Users\XXX\AppData\Local\Temp\ChangeIcon.exe
C:\Users\XXX\AppData\Local\Temp\CheckLang.dll
C:\Users\XXX\AppData\Local\Temp\comver.dll
C:\Users\XXX\AppData\Local\Temp\CtRunApp.dll
C:\Users\XXX\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\XXX\AppData\Local\Temp\nitro_reader3_x64.exe
C:\Users\XXX\AppData\Local\Temp\npp.6.4.5.Installer.exe
C:\Users\XXX\AppData\Local\Temp\npp.6.5.Installer.exe
C:\Users\XXX\AppData\Local\Temp\SkypeSetup.exe
C:\Users\XXX\AppData\Local\Temp\sonarinst.exe
C:\Users\XXX\AppData\Local\Temp\tmpBC03.exe
C:\Users\XXX\AppData\Local\Temp\tmpC0B5.exe
C:\Users\XXX\AppData\Local\Temp\tmpC3D2.exe
C:\Users\XXX\AppData\Local\Temp\tmpCFA5.exe
C:\Users\XXX\AppData\Local\Temp\vlc-2.1.2-win64.exe
C:\Users\XXX\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-04 22:21
==================== End Of Log ============================
--- --- --- --- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014
Ran by XXX at 2014-01-06 10:30:43
Running from C:\Users\XXX\Desktop\Downloads\AntivirenProgramme\Farbar Recovery Scan Tool
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
@BIOS (x32 Version: 2.28 - GIGABYTE)
«Eador. Genesis» (x32 Version: - )
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Act of War - High Treason (x32 Version: 1.00.000 - )
Act of War High Treason Package (x32 Version: - GamersGate)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Advanced Audio FX Engine (x32 Version: 1.12.05 - Creative Technology Ltd)
Age of Empires II: HD Edition (x32 Version: - Hidden Path Entertainment, Ensemble Studios)
Alan Wake (x32 Version: - Remedy Entertainment)
Alan Wake's American Nightmare (x32 Version: - Remedy Entertainment)
Alien Arena 7.60 (x32 Version: - COR Entertainment, LLC)
alien_crossfire (Version: - )
Alpha Protocol (x32 Version: - Obsidian Entertainment)
alpha_centauri (Version: - )
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
America's Army: Proving Grounds Beta (x32 Version: - )
Anno 2070 (x32 Version: - BlueByte)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Arena Wars 2 (x32 Version: - ExDream GmbH)
ARMA 2 (x32 Version: - Bohemia Interactive)
Arma 3 Alpha Lite (x32 Version: - Bohemia Interactive)
Arma Tactics (x32 Version: - Bohemia Interactive)
Armada 2526 Gold (x32 Version: 1.0.4.3 - Ntronium Games)
Armada 2526 Gold (x32 Version: 1.0.4.3 - Ntronium Games) Hidden
Assassin's Creed (x32 Version: - Ubisoft)
AudioSwitch v2.0 (x32 Version: - )
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
AviSynth 2.6 (x32 Version: 2.6.0.3 - GPL Public release.)
Bastion (x32 Version: - Supergiant Games)
Batman: Arkham Asylum GOTY Edition (x32 Version: - Rocksteady Studios)
Batman: Arkham City GOTY (x32 Version: - )
Battle Worlds: Kronos Demo (x32 Version: - )
Battlefield 1942™ (x32 Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (x32 Version: 1.5.0.0 - Electronic Arts)
Battlefield: Bad Company 2 (x32 Version: - DICE)
Battlelog Web Plugins (x32 Version: 2.1.3 - EA Digital Illusions CE AB)
BattlEye for Iron Front Uninstall (x32 Version: - )
Bionic Dues (x32 Version: - Arcen Games, LLC)
BioShock Infinite (x32 Version: - Irrational Games)
BitGuard (x32 Version: - MediaTechSoft Inc) <==== ATTENTION
Blade of Darkness (x32 Version: 2.0.0.5 - GOG.com)
Blood Bowl: Dark Elves Edition (x32 Version: - Cyanide Studio)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Borderlands (x32 Version: - Gearbox Software)
Borderlands 2 (x32 Version: - Gearbox Software)
BRINK (x32 Version: - Splash Damage)
Brütal Legend (x32 Version: - Double Fine Productions)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Call of Duty 4: Modern Warfare (x32 Version: - Infinity Ward)
Call of Duty: Black Ops II - Multiplayer (x32 Version: - )
Carrier Command: Gaea Mission (x32 Version: - Bohemia Interactive)
Castlevania: Lords of Shadow - Ultimate Edition (x32 Version: - MercurySteam - Climax Studios)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Chivalry: Medieval Warfare (x32 Version: - )
Cisco WebEx Meeting Center for Firefox or Chrome (x32 Version: 8.29.3216 - Cisco WebEx LLC)
Cisco WebEx Meetings (x32 Version: - Cisco WebEx LLC)
Cities in Motion (x32 Version: - )
Cities XL (x32 Version: - Monte Cristo)
Contagion (x32 Version: - Monochrome LLC)
Counter-Strike: Global Offensive (x32 Version: - )
CPUID CPU-Z 1.62 (Version: - )
CPUID HWMonitor 1.21 (Version: - )
Creative Live! Cam Notebook Pro (VF0400) Driver (1.05.03.00) (Version: - Creative Technology Ltd.)
Creative Live! Central 3 (x32 Version: 3.00.63 - Creative Technology Ltd)
Creative Music Server (x32 Version: 1.01 - Creative Technology Limited)
Creative Systeminformationen (x32 Version: 1.10 - Creative Technology Limited)
Crusader Kings II (x32 Version: - Paradox)
Crusaders: Thy Kingdom Come (x32 Version: - )
Crysis 2 Maximum Edition (x32 Version: - Electronic Arts)
Crysis Warhead (x32 Version: - Crytek)
Crysis®3 (x32 Version: 1.0.0.0 - Electronic Arts)
Dark Messiah Might and Magic Single Player (x32 Version: - Ubisoft)
Dark Souls: Prepare to Die Edition (x32 Version: - )
Darkest Hour: A Hearts of Iron Game (x32 Version: - )
Darksiders II (x32 Version: - Vigil Games)
Day of Defeat: Source (x32 Version: - Valve)
DC Universe Online Live (HKCU Version: - Sony Online Entertainment)
Dead Space (x32 Version: - EA Redwood Shores)
Defiance Free Trial (x32 Version: - Trion Worlds)
DefianceRuntimes (x32 Version: 1.0.2 - Trion Worlds, Inc.)
Descent 3 with Mercenary Expansion (x32 Version: 2.0.0.16 - GOG.com)
Diablo III (x32 Version: - Blizzard Entertainment)
DIAMS iQ Demo (HKCU Version: 2.6.0.55 - Dennemeyer)
DiRT (x32 Version: - Codemasters)
DiRT 3 (x32 Version: - Codemasters Racing Studio)
Disciples III: Renaissance (x32 Version: - Akella)
Dishonored (x32 Version: - Arkane Studios)
Divinity II: Developer's Cut (x32 Version: - Larian Studios)
DmC Devil May Cry (x32 Version: - Ninja Theory)
DMIView Ver.1.5 B12.0314.1 (x32 Version: 1.5 - GIGABYTE)
Dolby Digital Live Pack (x32 Version: 3.03 - Creative Technology Limited)
Dragon Age: Origins (x32 Version: - BioWare)
Dragon Age™ II (x32 Version: 1.04.8524.0 - Electronic Arts)
Drakensang (x32 Version: - dtp)
Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.)
Druckerdeinstallation für EPSON BX525WD Series (Version: - SEIKO EPSON Corporation)
Dual-Core Optimizer (x32 Version: 1.1.4.0169 - AMD)
Dungeon Siege III (x32 Version: - Obsidian Entertainment)
E.Y.E: Divine Cybermancy (x32 Version: - )
Eador. Masters of the Broken World (x32 Version: - Snowbird Games)
Easy Tune 6 B12.1112.1 (x32 Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.1112.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Empire: Total War (x32 Version: - The Creative Assembly)
Endless Space (x32 Version: - Amplitude Studios)
Entity Framework Tools for Visual Studio 2013 (x32 Version: 12.0.20912.0 - Microsoft Corporation)
EPSON BX525WD Series Manual (x32 Version: - )
EPSON BX525WD Series Network Guide (x32 Version: - )
EPSON Scan (x32 Version: - Seiko Epson Corporation)
EpsonNet Print (x32 Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (x32 Version: 3.3a - SEIKO EPSON CORPORATION)
Erforderliche Komponenten für SSDT (x32 Version: 11.1.3000.0 - Microsoft Corporation)
ESET Online Scanner v3 (x32 Version: - )
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
Europa Universalis IV (x32 Version: - Paradox Development Studio)
EverQuest II (x32 Version: - Sony Online Entertainment)
Expeditions: Conquistador (x32 Version: - Logic Artists)
Fallen Enchantress (x32 Version: - Stardock Entertainment)
Fallout: New Vegas (x32 Version: - Bethesda Softworks)
Fantasy Wars (x32 Version: - Nobilis)
Far Cry 2 (x32 Version: - Ubisoft)
FastAccess Web Alert (x32 Version: 1.00 - Sensible Vision)
FIFA 13 Demo (x32 Version: 1.0.0.0 - Electronic Arts)
FIFA Manager 10 (x32 Version: - )
Firefall (x32 Version: - Red 5 Studios)
Forge (x32 Version: - )
Fragenbär - Richtig Mathe (x32 Version: 1.1 - SL-Lernsoftware)
Free Video Converter V 2.3 (x32 Version: 2.3.0.0 - Kastor Soft)
GameSpy Arcade (x32 Version: - )
GameSpy Comrade (x32 Version: 3.2.17.236 - GameSpy)
Garry's Mod (x32 Version: - Garry)
Gear Up (x32 Version: - )
GIGABYTE TweakLauncher (x32 Version: 12.04.26.1 - GIGABYTE)
GIGABYTE TweakLauncher (x32 Version: 12.04.26.1 - GIGABYTE) Hidden
GOG.com Downloader version 3.6.0 (x32 Version: 3.6.0 - GOG.com)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Gothic III (x32 Version: 1.00.0 - Dreamcatcher)
GPL Ghostscript (Version: 9.07 - Artifex Software Inc.)
Grand Theft Auto: Vice City (x32 Version: - Rockstar)
GRID (x32 Version: - Codemasters)
GRID 2 (x32 Version: - Codemasters Racing)
Guardians of Graxia (x32 Version: - )
Half-Life 2 (x32 Version: - Valve)
HdR Die Rückkehr des Königs tm (x32 Version: - )
Hearts of Iron II: Complete (x32 Version: - Paradox Interactive)
Hearts of Iron III (x32 Version: - Paradox Interactive)
Heroes of Might and Magic V (x32 Version: - Ubisoft)
Hitman 2: Silent Assassin (x32 Version: - Eidos)
Hitman: Absolution (x32 Version: - IO Interactive)
Hitman: Sniper Challenge (x32 Version: - IO Interactive)
HTC Driver Installer (x32 Version: 4.2.0.001 - HTC Corporation)
Hydrophobia: Prophecy (x32 Version: - Dark Energy Digital)
iCloud (Version: 3.0.2.163 - Apple Inc.)
Imperium Romanum 1.04 Gold Edition (x32 Version: 1.04 - Kalypso Media)
Impire (x32 Version: - Cyanide Montreal)
InfiniteCrisis (x32 Version: - Turbine, Inc)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867 - Intel Corporation)
Interstellar Marines (x32 Version: - Zero Point Software)
IPTInstaller (x32 Version: 4.0.8 - HTC)
IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan)
Iron Front : Liberation 1944 (x32 Version: - X1 Software)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Just Cause 2 (x32 Version: - Avalanche Studios)
Just Cause 2: Multiplayer Mod (x32 Version: - Avalanche Studios)
Kastor - Stream Recorder V 1.0 (x32 Version: 1.0.0.0 - KastorSoft)
Kastor Free Video Catcher V 2.3 (x32 Version: 2.3.0.0 - KastorSoft)
Kenshi (x32 Version: - Lo-Fi Games)
King Arthur - The Role-playing Wargame (x32 Version: - Neocore Games)
King’s Bounty: Legions (x32 Version: - Nival)
Kingdoms Rise (x32 Version: - Flyleap Studios Pty. Ltd.)
Knights of Honor (x32 Version: - Crytek Black Sea)
Left 4 Dead 2 (x32 Version: - Valve)
Legend of Grimrock (x32 Version: - )
Legends of Eisenwald (x32 Version: - Aterdux Entertainment)
LibreOffice 3.6 (x32 Version: 3.6.4.3 - The Document Foundation)
LibreOffice 3.6 Help Pack (German) (x32 Version: 3.6.4.3 - The Document Foundation)
Logitech Gaming Software 8.40 (Version: 8.40.83 - Logitech Inc.)
Lost Planet 3 (x32 Version: - Spark Unlimited)
Mafia (x32 Version: - 2K Games)
Magic: The Gathering - Duels of the Planeswalkers (x32 Version: - )
Majesty 2 Collection (x32 Version: - Paradox Interactive)
Making History II: The War of the World (x32 Version: - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
ManiaPlanet (x32 Version: - Nadeo)
Mars: War Logs (x32 Version: - Spiders)
marvell 91xx driver (x32 Version: 1.2.0.1020 - Marvell)
Mass Effect 2 (x32 Version: - BioWare)
Mass Effect™ 3 (x32 Version: 1.05.0.0 - Electronic Arts)
Master Of Magic (x32 Version: - GOG.com)
Master of Orion 3 (x32 Version: - GamersGate)
Master of Orion II (x32 Version: - GamersGate)
Max Payne 3 (x32 Version: - Rockstar)
Medal of Honor (TM) (x32 Version: 1.0.0.0 - Electronic Arts)
Medal of Honor: Airborne (x32 Version: - )
Media Go (x32 Version: 2.6.205 - Sony)
Media Go Video Playback Engine 2.0.107.08290 (x32 Version: 2.0.107.08290 - Sony)
Medieval II Total War (x32 Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (x32 Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (x32 Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (x32 Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (x32 Version: 1.03.000 - SEGA)
Metro 2033 (x32 Version: - THQ)
Metro: Last Light (x32 Version: - 4A Games)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (x32 Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (x32 Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (x32 Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (x32 Version: 4.5.51641 - Microsoft Corporation)
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Command Line Utilities (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x32 Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (x32 Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (x32 Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (x32 Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013-Objektmodell Sprachpaket (x64) - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell-(Mindest)-Ressourcen (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Sprachpaket - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Vorbereitung (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (x32 Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer deu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x32 Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (Version: 11.1.3366.16 - Microsoft Corporation)
Might & Magic: Duel of Champions (x32 Version: - Ubisoft Quebec)
MonkeyJam 3_050529 (x32 Version: - GiantScreamingRobotMonkeys)
Mount & Blade (x32 Version: - Paradox Interactive)
Mount & Blade: Warband (x32 Version: - Taleworlds Entertainment)
Mount & Blade: With Fire and Sword (x32 Version: - )
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 24.2.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MusicBee 2.0 (x32 Version: 2.0 - Steven Mayall)
MyPhoneExplorer (x32 Version: 1.8.5 - F.J. Wechselberger)
Nation Red (x32 Version: - Diezel Power)
Natural Selection 2 (x32 Version: - Unknown Worlds Entertainment)
Naval Warfare (x32 Version: - Game Distillery s.r.o.)
NecroVisioN (x32 Version: 1.00.0000 - 1C Publishing EU)
NecroVisioN Patch 1.1 (x32 Version: - GamersGate)
NecroVisioN Patch 1.2 (x32 Version: - GamersGate)
Need for Speed: Hot Pursuit (x32 Version: - Electronic Arts)
Need For Speed™ World (x32 Version: 1.0.0.1229 - Electronic Arts)
Neverwinter (x32 Version: - Cryptic Studios)
Nexuiz (x32 Version: - IllFonic)
Nikon Message Center 2 (x32 Version: 2.1.0 - Nikon)
Nikon Movie Editor (x32 Version: 2.7.0 - Nikon)
Nitro Reader 3 (Version: 3.5.2.10 - Nitro)
No23 Recorder (x32 Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Notepad++ (x32 Version: 6.5 - Notepad++ Team)
Nuclear Dawn (x32 Version: - Interwave)
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation)
Nvu 1.0 (x32 Version: 1.0 - Thorsten Fritz)
Of Orcs And Men (x32 Version: - Cyanide Studio - Spiders Studios)
ON_OFF Charge B12.1025.1 (x32 Version: 1.00.0001 - GIGABYTE)
OpenAL (x32 Version: - )
Origin (x32 Version: 9.1.3.2637 - Electronic Arts, Inc.)
Overwolf (x32 Version: 0.45.266 - Overwolf)
Painkiller Hell & Damnation (x32 Version: - )
Painkiller Overdose (x32 Version: - DreamCatcher)
Painkiller: Black Edition (x32 Version: - People Can Fly)
Painkiller: Recurring Evil (x32 Version: - hxxp://www.nordicgames.at/)
Painkiller: Redemption (x32 Version: - People Can Fly)
Painkiller: Resurrection (x32 Version: - Homegrown Games)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (x32 Version: 4.5.50932 - Microsoft Corporation)
Panzar (x32 Version: - Troxit Service)
Path of Exile (x32 Version: 0.10.1.22906 - Grinding Gear Games)
Penumbra: Black Plague (x32 Version: - Frictional Games)
Penumbra: Requiem (x32 Version: - Frictional Games)
Picture Control Utility x64 (Version: 1.4.12 - Nikon)
PlanetSide 2 (x32 Version: - Sony Online Entertainment)
PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation)
PlayStation(R)Store (x32 Version: 4.18.0.15698 - Sony Computer Entertainment Inc.)
Port Royale 2 (x32 Version: - )
Port Royale 3 (x32 Version: - Gaming Minds)
PoxNora (x32 Version: - Sony Online Entertainment)
Pride of Nations (x32 Version: - )
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH)
Prototype (x32 Version: - Radical Entertainment)
PunkBuster Services (x32 Version: 0.989 - Even Balance, Inc.)
Qualcomm SmartNet Controller (x32 Version: 1.0.0.32 - Qualcomm Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
R.U.S.E (x32 Version: - Eugen Systems)
RAGE (x32 Version: - )
Railroad Tycoon 2: Platinum (x32 Version: - PopTop)
Rapture3D 2.4.8 Game (x32 Version: - Blue Ripple Sound)
Ravaged (x32 Version: - 2 Dawn Studios)
Red Faction: Armageddon (x32 Version: - Volition)
Red Faction: Guerrilla (x32 Version: - Volition)
Red Orchestra 2: Heroes of Stalingrad - Single Player (x32 Version: - )
Red Orchestra 2: Heroes of Stalingrad (x32 Version: - Tripwire)
Reign: Conflict of Nations (Remove Only) (x32 Version: 1.0.0.0 - 1C Publishing)
Renaissance Heroes (x32 Version: - )
Reus (x32 Version: - Abbey Games)
Rise of the Triad (x32 Version: - Interceptor Entertainment)
Rise of Venice (x32 Version: - )
Risen (x32 Version: - Piranha Bytes)
Risen 2 - Dark Waters (x32 Version: - Piranha Bytes)
Rockstar Games Social Club (x32 Version: 1.1.0.1 - Rockstar Games)
S.T.A.L.K.E.R.: Call of Pripyat (x32 Version: - GSC Game World)
S.T.A.L.K.E.R.: Clear Sky (x32 Version: - GSC Game World)
S.T.A.L.K.E.R.: Shadow of Chernobyl (x32 Version: - GSC Game World)
S4 League_EU (x32 Version: 1.00.0000 - )
Sacred 2 (x32 Version: 2.65.1.0 - Deep Silver)
Samsung Magician (x32 Version: 4.3.0 - Samsung Electronics)
Sauerbraten (x32 Version: - )
Section 8: Prejudice (x32 Version: - Timegate Studios, Inc)
Sengoku (x32 Version: - )
Serious Sam 3: BFE (x32 Version: - Croteam)
Shadow Harvest: Phantom Ops (x32 Version: - Black Lion Studios)
Shadow Warrior (x32 Version: - Flying Wild Hog)
Sid Meier's Alpha Centauri (x32 Version: 2.0.2.23 - GOG.com)
Sid Meier's Civilization IV: Beyond the Sword (x32 Version: - Firaxis)
Sid Meier's Civilization IV: Colonization (x32 Version: - Firaxis)
Sid Meier's Civilization V (x32 Version: - 2K Games, Inc.)
Sins of a Solar Empire: Trinity (x32 Version: - )
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Sleeping Dogs™ (x32 Version: - United Front Games)
Sony PC Companion 2.10.181 (x32 Version: 2.10.181 - Sony)
Sound Blaster Recon3D PCIe (x32 Version: 1.00.31 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (x32 Version: 1.0 - Creative Technology Limited)
Space Empires V (x32 Version: - Malfador Machinations)
SpaceForce: Rogue Universe (x32 Version: - Provox)
Spec Ops: The Line (x32 Version: - YAGER)
Special Force 2 1.0 (x32 Version: - )
Star Ruler (x32 Version: - )
Star Wars - Battlefront II (x32 Version: - Pandemic Studios)
Star Wars: Empire at War Gold (x32 Version: - )
Star Wars: Knights of the Old Republic (x32 Version: - BioWare)
Star Wars: Knights of the Old Republic II (x32 Version: - LucasArts)
Star Wars: The Force Unleashed Ultimate Sith Edition (x32 Version: - LucasArts)
Star Wolves 3 Civil War (x32 Version: - GamersGate)
StarDrive (x32 Version: - )
State of Decay (x32 Version: - Undead Labs)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Supreme Ruler 2020 5.05.08 (x32 Version: - BattleGoat Studios)
Supreme Ruler 2020 Gold 6.8.1 (x32 Version: - BattleGoat Studios)
Sword of the Stars Complete Collection (x32 Version: - Kerberos Productions Inc.)
Sword of the Stars II: Enhanced Edition (x32 Version: - )
Sword of the Stars: Argos Naval Yard Expansion (x32 Version: - Kerberos Productions Inc.)
Sword of the Stars: The Pit (x32 Version: - Kerberos Productions)
SyncToy 2.1 (x64) (Version: 2.1.0 - Microsoft)
Tactical Intervention (x32 Version: - FIX Korea)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKCU Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (x32 Version: - TechPowerUp)
TerraTec Home Cinema (x32 Version: 6.27.7 - )
TERRATEC S7 Driver Installation (64 Bit) (x32 Version: 1.00.07.601 - TERRATEC Electronic GmbH)
The Chronicles of Riddick: Assault on Dark Athena (x32 Version: - Starbreeze Studios)
The Elder Scrolls V: Skyrim (x32 Version: - Bethesda Game Studios)
The First Templar (x32 Version: - )
The Incredible Adventures of Van Helsing (x32 Version: - )
The Kings' Crusade (x32 Version: - )
The Lord of the Rings: War in the North (x32 Version: - Snowblind Studios)
The Pit Demo (x32 Version: 1.0.0 - Kerberos Productions)
The Walking Dead (x32 Version: - )
The Witcher 2: Assassins of Kings Enhanced Edition (x32 Version: - CD Projekt RED)
Thrustmaster FFB Wheel driver (x32 Version: 2.FFJ.2007 - Thrustmaster)
TmNationsForever (x32 Version: - Nadeo)
ToCA Race Driver 3 (x32 Version: - Codemasters)
Tom Clancy's Ghost Recon (x32 Version: - Ubisoft)
Tom Clancy's Rainbow Six: Vegas 2 (x32 Version: - Ubisoft)
Torchlight (x32 Version: - Runic Games, Inc.)
Torchlight II (x32 Version: - Runic Games)
Total War: SHOGUN 2 (x32 Version: - The Creative Assembly)
Toy Soldiers (x32 Version: - Signal Studios)
Transformers: War for Cybertron (x32 Version: - High Moon Studios)
Tropico 3 - Steam Special Edition (x32 Version: - Haemimont Games)
Tropico 4 (x32 Version: - )
Unepic (x32 Version: - Francisco Téllez de Meneses)
Unity (x32 Version: - Unity Technologies ApS)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Universe at War Earth Assault (x32 Version: 1.00.0000 - Petroglyph)
Universe at War Earth Assault (x32 Version: 1.00.0000 - Petroglyph) Hidden
Unreal Development Kit: 2012-10 (Version: - Epic Games, Inc.)
Unreal Tournament 3: Black Edition (x32 Version: - Epic Games)
Update for (KB2504637) (x32 Version: 1 - Microsoft Corporation)
Uplay (x32 Version: 2.0 - Ubisoft)
Verdun (x32 Version: - BlackMill Games)
Victoria II (x32 Version: - Paradox Interactive)
Victoria: Revolutions (x32 Version: - Paradox Interactive)
ViewNX 2 (Version: 2.7.6 - Nikon)
Viscera Cleanup Detail: Shadow Warrior (x32 Version: - RuneStorm)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
War Thunder (x32 Version: - Gaijin Entertainment)
Warframe (x32 Version: - )
Wargame: European Escalation (x32 Version: - Focus,Eugen Systems)
Warhammer 40,000 Space Marine (x32 Version: - Relic)
Warhammer 40,000: Dawn of War – Soulstorm (x32 Version: - Relic)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (x32 Version: - Relic Entertainment)
Warlock - Master of the Arcane (x32 Version: - Paradox Interactive)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows-Treiberpaket - TERRATEC (UDST7000BDA) Media (10/25/2010 1.00.07.601) (Version: 10/25/2010 1.00.07.601 - TERRATEC )
Windows-Treiberpaket - TERRATEC (UDST7000HID) HIDClass (03/17/2010 1.00.06.701) (Version: 03/17/2010 1.00.06.701 - TERRATEC )
WinPcap 4.1.2 (x32 Version: 4.1.0.2001 - CACE Technologies)
Wireshark 1.8.6 (64-bit) (x32 Version: 1.8.6 - The Wireshark developer community, hxxp://www.wireshark.org)
Wolfenstein - Enemy Territory (x32 Version: 2.60b - ACTIVISION)
WORLD IN CONFLICT (x32 Version: 1.0.0.9 - Massive Entertainment)
World of Tanks (x32 Version: - Wargaming.net)
X3: Reunion (x32 Version: - Egosoft)
X-COM: Apocalypse (x32 Version: - MicroProse)
XCOM: Enemy Unknown (x32 Version: - Firaxis Games)
X-COM: Enforcer (x32 Version: - MicroProse)
X-COM: Interceptor (x32 Version: - MicroProse)
X-COM: Terror from the Deep (x32 Version: - MicroProse)
X-COM: UFO Defense (x32 Version: - MicroProse)
Xfire (remove only) (x32 Version: - )
Xiph.Org Open Codecs 0.85.17777 (x32 Version: 0.85.17777 - Xiph.Org)
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
14-12-2013 13:04:32 Windows Update
14-12-2013 13:50:40 No23 Recorder wird installiert
18-12-2013 07:48:07 DirectX wurde installiert
19-12-2013 10:57:35 DirectX wurde installiert
20-12-2013 02:49:27 DirectX wurde installiert
20-12-2013 22:18:32 Windows Update
22-12-2013 01:46:33 DirectX wurde installiert
25-12-2013 22:45:34 Windows Update
26-12-2013 23:10:44 DirectX wurde installiert
26-12-2013 23:12:28 Installed Ubisoft Game Launcher
04-01-2014 21:30:40 Geplanter Prüfpunkt
06-01-2014 09:27:11 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00ED1AA8-8760-4C6C-91C3-EDEBA7CC6051} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {22195CA3-6A66-4D42-B8BA-37999EB0E5CB} - System32\Tasks\{1C8BDE41-44F9-4940-8950-7B2892CB08B4} => X:\Steam\SteamApps\common\SpaceEmpiresV\SE5\SE5.exe [2012-12-11] (Malfador Machinations)
Task: {2735496C-22AF-4C99-A08A-BD3621C09A7E} - System32\Tasks\{4465AC0C-5A60-4866-8B25-F16F77980C1C} => X:\Steam\SteamApps\common\SpaceEmpiresV\SE5\SE5.exe [2012-12-11] (Malfador Machinations)
Task: {447DB6E2-4225-42B9-930C-4C52F0BAEBF8} - System32\Tasks\{88D08751-2F8F-4050-B533-320969BB0F7A} => X:\System Tray\Other+Indie\WarRock\WRUpdater.exe
Task: {6DB003FD-CF73-4024-86AD-18AE37E417ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {6F0437E2-27BF-4E9E-BE91-DB6C6D81E60A} - System32\Tasks\{5C98BDD7-8536-4FA1-8099-7191520E98DC} => X:\System Tray\Other+Indie\WarRock\WRUpdater.exe
Task: {832D80E1-DC27-404D-AEFA-C60DFFF16979} - System32\Tasks\{070C94E8-4062-4C2F-82EE-3CD06007C58E} => E:\Virologik\US 2007_0145554_10368776_mixing_proteasome_inhibitors\MagictheGathering\Shandalar.exe
Task: {854ECECB-BEEC-431D-BC3E-F40F996D2AE3} - System32\Tasks\{4CE1E72F-9660-4009-BF5E-583A338FA8B6} => X:\System Tray\Other+Indie\WarRock\WRUpdater.exe
Task: {86EBC499-A6BE-40C9-808A-E6727A04AAF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-18] (Google Inc.)
Task: {8D6C2285-D8D3-4625-8E69-5E9B208AE0AC} - System32\Tasks\EPUpdater => C:\Users\YYY\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: {9D529D79-F50A-45FD-B840-F9D15C2664E9} - System32\Tasks\{2C45E3E9-0A27-453F-A417-566AA14F29DE} => E:\Virologik\US 2007_0145554_10368776_mixing_proteasome_inhibitors\MagictheGathering\Shandalar.exe
Task: {A4FA5422-8720-4D7E-9B66-B6CEAC9E6669} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-18] (Google Inc.)
Task: {BCA8D703-A489-4210-AF73-310C37CF86BE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E12BD776-489D-4DDE-B40B-AB18E966FA4C} - System32\Tasks\{3AE0BDB4-6EEF-40B8-AAD7-91BB6CFE0D48} => X:\System Tray\Other+Indie\WarRock\WRUpdater.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-02-25 00:23 - 2013-02-25 00:22 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\XXX\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-09 08:52 - 2013-11-28 12:14 - 00013824 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\SAMSUNG_SSD.dll
2013-12-09 08:52 - 2013-11-28 18:59 - 00098816 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\PAL.dll
2013-12-09 08:52 - 2013-11-28 18:59 - 00034304 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\SATA.dll
2013-12-09 08:52 - 2013-11-28 18:59 - 00032768 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\SAT.dll
2013-12-09 08:52 - 2013-11-28 19:00 - 00031232 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\SMINI.dll
2013-12-09 08:52 - 2013-11-28 18:59 - 00029696 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\SAS.dll
2012-12-19 10:58 - 2012-12-19 10:58 - 00741376 _____ () C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\de-DE\SBRnPCIe.resources.dll
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/06/2014 10:21:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/06/2014 01:00:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/06/2014 00:30:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/05/2014 11:59:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/05/2014 11:43:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/05/2014 04:35:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/04/2014 09:44:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/28/2013 10:24:11 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2013 09:54:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2013 11:30:21 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (12/27/2013 01:33:38 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 27.12.2013 um 01:31:36 unerwartet heruntergefahren.
Error: (12/22/2013 09:38:30 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 22.12.2013 um 21:29:11 unerwartet heruntergefahren.
Error: (12/22/2013 00:34:06 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 22.12.2013 um 00:26:24 unerwartet heruntergefahren.
Error: (12/21/2013 11:01:22 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (12/18/2013 00:28:30 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 18.12.2013 um 00:24:11 unerwartet heruntergefahren.
Error: (12/15/2013 11:51:48 AM) (Source: cdrom) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error: (12/15/2013 11:51:46 AM) (Source: cdrom) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error: (12/15/2013 11:51:45 AM) (Source: cdrom) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error: (12/15/2013 11:51:43 AM) (Source: cdrom) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error: (12/15/2013 11:51:41 AM) (Source: cdrom) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Microsoft Office Sessions:
=========================
Error: (01/06/2014 10:21:30 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/06/2014 01:00:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/06/2014 00:30:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/05/2014 11:59:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/05/2014 11:43:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/05/2014 04:35:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/04/2014 09:44:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/28/2013 10:24:11 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2013 09:54:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2013 11:30:21 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-12-22 22:17:57.626
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-22 22:17:51.180
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 01:14:56.574
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 01:07:21.302
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 01:07:20.904
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 01:07:20.404
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 00:41:29.963
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 00:41:29.915
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 00:34:44.285
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 00:34:44.247
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 25%
Total physical RAM: 8149.21 MB
Available physical RAM: 6044.85 MB
Total Pagefile: 16296.59 MB
Available Pagefile: 13946.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:156.15 GB) (Free:52.5 GB) NTFS
Drive g: (Sony_32GU) (Removable) (Total:29.35 GB) (Free:28.38 GB) FAT32
Drive o: (Volume) (Fixed) (Total:62.5 GB) (Free:62.41 GB) NTFS
Drive u: (Volume) (Fixed) (Total:15.82 GB) (Free:15.73 GB) NTFS
Drive w: (VOLUME) (Fixed) (Total:3.91 GB) (Free:3.91 GB) FAT
Drive x: (BigMomma) (Fixed) (Total:1806.64 GB) (Free:107.09 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 5E82AF4B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=156 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=63 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: A242555E)
Partition 1: (Not Active) - (Size=-259157655552) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 29 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=29 GB) - (Type=0C)
==================== End Of Log ============================
Da liegt ja noch einiges im Argen, scheint mir. Geändert von JohnyderDepp (06.01.2014 um 10:49 Uhr) |
|
06.01.2014, 11:04
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. |
|
06.01.2014, 16:33
| #7 |
| | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. mbar hat nichts gefunden, daher kein Cleanup, kein Neustart. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org
Database version: v2014.01.06.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
XXX :: NANOXWIN7 [administrator]
06.01.2014 15:47:53
mbar-log-2014-01-06 (15-47-53).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 262417
Time elapsed: 6 minute(s), 47 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
06.01.2014, 21:16
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.01.2014, 22:26
| #9 |
| | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 06/01/2014 um 21:38:38
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : XXX - NANOXWIN7
# Gestartet von : C:\Users\XXX\Desktop\Downloads\AntivirenProgramme\Adware Cleaner\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\Program Files (x86)\mixidj
Ordner Gelöscht : C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn
Datei Gelöscht : C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\searchplugins\mixidj.xml
Datei Gelöscht : C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\BitGuard
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GOGPACKBLADEOFDARKNESS_is1
Schlüssel Gelöscht : HKCU\Software\5368adeb434bd43
Schlüssel Gelöscht : HKLM\SOFTWARE\5368adeb434bd43
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\mixidj
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\mixidj
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\systweak
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\prefs.js ]
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://mixidj.delta-search.com/?babsrc=NT_ss&mntrId=80D7902B3451FB3B&affID=121128&tsp=5004");
-\\ Google Chrome v31.0.1650.63
[ Datei : C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : homepage
Gelöscht : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [4862 octets] - [06/01/2014 21:37:36]
AdwCleaner[S0].txt - [4556 octets] - [06/01/2014 21:38:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4616 octets] ##########
JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Professional x64
Ran by XXX on 06.01.2014 at 21:52:48,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1015659824-2181777742-2393141514-1000\Software\sweetim
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.01.2014 at 21:54:15,61
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by XXX (administrator) on NANOXWIN7 on 06-01-2014 21:56:43
Running from C:\Users\XXX\Desktop\Downloads\AntivirenProgramme\Farbar Recovery Scan Tool
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Elgato Systems) C:\Program Files (x86)\Common Files\TERRATEC\Remote\TTTvRc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\Tools\AudioSwitch\AudioSwitch.exe
(Dropbox, Inc.) C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\Samsung Magician.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\AMD\Catalyst\ATI.ACE\Core-Static\MOM.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe
(Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(ATI Technologies Inc.) C:\AMD\Catalyst\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla\Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\AMD\Catalyst\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\Updreg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] - C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [Live! Central 3] - C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [503955 2011-04-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [FastAccess Web Alert] - C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\FAInstaller\FAtry.exe [2033648 2011-07-11] (Microsoft)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Remote Control Editor] - C:\Program Files (x86)\Common Files\TERRATEC\Remote\TTTvRc.exe [1835008 2012-07-05] (Elgato Systems)
HKCU\...\Run: [Xvid] - C:\Program Files (x86)\Treiber\Codecs\CheckUpdate.exe [8192 2011-01-17] ()
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AudioSwitch.lnk
ShortcutTarget: AudioSwitch.lnk -> C:\Program Files (x86)\Tools\AudioSwitch\AudioSwitch.exe ()
Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\Samsung Magician.exe (Samsung Electronics.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TERRATEC Electronic GmbH\Terratec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{313DD21D-1719-4832-BEC1-3734BA1DD133}: [NameServer]192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @comrade.gamespy.com/comrade - C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\XXX\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: GFACE Experience Plugin - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\cryenginebrowserplugin@crytek.com
FF Extension: Xmarks - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\foxmarks@kei.com
FF Extension: No Name - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\staged
FF Extension: LastPass - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\support@lastpass.com
FF Extension: Flashblock - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF Extension: Speed Dial - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF Extension: WOT - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Image Zoom - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
FF Extension: Speed Dial - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: NoScript - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: DownThemAll! - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: Download Manager Tweak - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\ze7edzza.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla\Firefox\firefox.exe
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\pdf.dll No File
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Program Files (x86)\Mozilla\Firefox\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Comrade Plugin) - C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Nitro PDF plugin for Firefox and Chrome) - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll No File
CHR Extension: (Google Docs) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-02-14] (Creative Technology Ltd)
S3 DAUpdaterSvc; x:\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [25832 2012-12-12] (BioWare)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
S3 OverwolfUpdaterService; C:\Program Files (x86)\TeamSpeak\Overwolf\OverwolfUpdater.exe [18360 2013-10-23] (Overwolf Ltd)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-29] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1044760 2013-02-14] (Creative Technology Ltd)
R3 CTHDB; C:\Windows\System32\DRIVERS\CtHDb.sys [28440 2013-02-14] (Creative Technology Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-12-13] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-02] (Logitech Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 UDST7000BDA; C:\Windows\System32\DRIVERS\TerraTecUsbBda.sys [917160 2012-08-27] (TerraTec Electronic GmbH.)
S3 UDST7000HID; C:\Windows\System32\DRIVERS\TerraTecUsbHid.sys [26408 2012-08-27] (TerraTec Electronic GmbH.)
R3 VF0400Vid; C:\Windows\System32\DRIVERS\V0400Vid.sys [242816 2010-01-04] (Creative Technology Ltd.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [204800 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [253440 2012-01-20] (VIA Technologies, Inc.)
S3 GPU-Z; \??\C:\Users\YYY\AppData\Local\Temp\GPU-Z.sys [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-06 21:54 - 2014-01-06 21:54 - 00000853 _____ C:\Users\XXX\Desktop\JRT.txt
2014-01-06 21:46 - 2014-01-06 21:46 - 00000000 ____D C:\Windows\ERUNT
2014-01-06 21:37 - 2014-01-06 21:38 - 00000000 ____D C:\AdwCleaner
2014-01-06 15:47 - 2014-01-06 16:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-06 15:47 - 2014-01-06 15:47 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-01-06 15:45 - 2014-01-06 16:26 - 00000000 ____D C:\Users\XXX\Desktop\mbar
2014-01-06 15:45 - 2014-01-06 15:46 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-06 00:16 - 2014-01-06 21:55 - 00000000 ____D C:\Users\XXX\Desktop\Virentfernung Januar 2014
2013-12-28 01:51 - 2013-12-28 01:51 - 00000000 ____D C:\Users\XXX\Documents\ANNO 2070
2013-12-27 00:17 - 2013-12-27 00:17 - 00000000 ____D C:\ProgramData\Solidshield
2013-12-27 00:16 - 2013-12-27 00:16 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Ubisoft
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Users\XXX\AppData\Local\MercurySteam
2013-12-23 22:38 - 2013-12-23 22:38 - 00000000 ____D C:\Users\XXX\Documents\Reus
2013-12-22 02:47 - 2013-12-22 03:14 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Sword of the Stars - The Pit
2013-12-20 03:50 - 2013-12-20 03:50 - 00000000 ____D C:\Program Files (x86)\BRS
2013-12-20 03:50 - 2011-03-19 15:16 - 01417216 _____ (Blue Ripple Sound Limited) C:\Windows\SysWOW64\rapture3d_oal.dll
2013-12-20 03:50 - 2010-09-22 13:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\SysWOW64\mkl_blueripple.dll
2013-12-19 23:08 - 2013-12-19 23:08 - 00000000 ____D C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2013-12-19 11:10 - 2013-12-19 11:50 - 00000000 ____D C:\Users\XXX\AppData\Local\Darksiders2
2013-12-17 10:15 - 2013-12-17 10:15 - 00000000 ____D C:\GOG Games
2013-12-17 10:08 - 2014-01-05 22:18 - 00000000 ____D C:\Users\XXX\AppData\Local\GOG.com
2013-12-17 10:08 - 2013-12-17 10:08 - 00000000 ____D C:\Program Files (x86)\GoodOldGamesDownloader
2013-12-17 09:39 - 2013-12-17 09:42 - 00000000 ____D C:\Users\XXX\Documents\BattleWorldsKronos
2013-12-15 01:33 - 2013-12-15 01:33 - 00002157 _____ C:\Users\XXX\Desktop\AudacityPortable.exe - Verknüpfung.lnk
2013-12-15 00:57 - 2013-12-15 00:57 - 00000005 _____ C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2013-12-14 22:33 - 2013-12-14 22:33 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Free Video Converter.lnk
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\Documents\video
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorVideoConverter
2013-12-14 16:27 - 2013-12-23 02:33 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorFreeVideoCatcher
2013-12-14 16:27 - 2013-12-14 16:27 - 00001185 _____ C:\Users\XXX\Desktop\Kastor Free Video Catcher.lnk
2013-12-14 16:27 - 2008-09-24 21:33 - 00484352 _____ C:\Windows\SysWOW64\lame_enc.dll
2013-12-14 16:12 - 2013-12-14 16:46 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorStreamRecorder
2013-12-14 16:12 - 2013-12-14 16:12 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Stream Recorder.lnk
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Program Files (x86)\AviSynth
2013-12-14 15:56 - 2013-12-14 15:56 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Reallusion
2013-12-14 14:51 - 2013-12-14 14:51 - 00001202 _____ C:\Users\Public\Desktop\No23 Recorder.lnk
2013-12-14 14:51 - 2013-12-14 14:51 - 00000000 ____D C:\ProgramData\Caphyon
2013-12-11 22:49 - 2011-05-30 14:42 - 00255488 _____ C:\Windows\system32\xvidvfw.dll
2013-12-11 22:49 - 2011-05-30 14:42 - 00240640 _____ C:\Windows\SysWOW64\xvidvfw.dll
2013-12-11 22:49 - 2011-05-23 10:52 - 00153088 _____ C:\Windows\SysWOW64\xvid.ax
2013-12-11 22:49 - 2011-05-23 08:49 - 00173568 _____ C:\Windows\system32\xvid.ax
2013-12-11 22:49 - 2011-05-23 08:46 - 00645632 _____ C:\Windows\SysWOW64\xvidcore.dll
2013-12-11 22:49 - 2011-05-23 08:45 - 00696832 _____ C:\Windows\system32\xvidcore.dll
2013-12-11 21:44 - 2013-12-11 21:44 - 00000957 _____ C:\Users\XXX\Desktop\MonkeyJam.lnk
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Users\XXX\AppData\Roaming\MonkeyJam
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Program Files (x86)\MonkeyJam
2013-12-11 21:44 - 2005-02-27 17:11 - 00424960 _____ C:\Windows\SysWOW64\wavdest.ax
2013-12-10 21:58 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-10 21:58 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-10 21:58 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-10 21:58 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-10 21:58 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-10 21:58 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-10 21:58 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-10 21:58 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-10 21:58 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-10 21:58 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-10 21:58 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-10 21:58 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-10 21:58 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-10 21:58 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-10 21:58 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-10 21:58 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-10 21:58 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-10 21:58 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-10 21:58 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-10 21:58 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-10 21:58 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-10 21:58 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-10 21:58 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-10 21:58 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-10 21:58 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-10 21:58 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-10 21:58 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-10 21:58 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-10 21:58 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-10 21:58 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-10 21:58 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-10 21:58 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-10 21:58 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-10 21:58 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-10 21:58 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-10 21:39 - 2013-12-10 21:39 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 21:36 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-10 21:36 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-10 21:36 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-10 21:36 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-10 21:36 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-10 21:36 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-10 21:36 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-10 21:36 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 21:36 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-10 21:36 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-10 21:36 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-10 21:36 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-10 21:36 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-10 21:36 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-10 21:36 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-10 21:36 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-10 21:36 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-10 21:36 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-10 21:36 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 02:27 - 2013-12-10 02:27 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Naval Warfare
==================== One Month Modified Files and Folders =======
2014-01-06 21:55 - 2014-01-06 00:16 - 00000000 ____D C:\Users\XXX\Desktop\Virentfernung Januar 2014
2014-01-06 21:55 - 2012-12-11 02:29 - 01945137 _____ C:\Windows\WindowsUpdate.log
2014-01-06 21:54 - 2014-01-06 21:54 - 00000853 _____ C:\Users\XXX\Desktop\JRT.txt
2014-01-06 21:52 - 2013-02-26 14:54 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Dropbox
2014-01-06 21:52 - 2013-02-18 10:59 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-06 21:52 - 2012-12-11 14:06 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Nitro PDF
2014-01-06 21:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-06 21:52 - 2009-07-14 05:51 - 00124416 _____ C:\Windows\setupact.log
2014-01-06 21:47 - 2009-07-14 05:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-06 21:47 - 2009-07-14 05:45 - 00026720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-06 21:46 - 2014-01-06 21:46 - 00000000 ____D C:\Windows\ERUNT
2014-01-06 21:44 - 2012-12-11 11:21 - 00710502 _____ C:\Windows\system32\perfh007.dat
2014-01-06 21:44 - 2012-12-11 11:21 - 00154832 _____ C:\Windows\system32\perfc007.dat
2014-01-06 21:44 - 2009-07-14 06:13 - 01651686 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-06 21:42 - 2013-02-28 08:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-06 21:38 - 2014-01-06 21:37 - 00000000 ____D C:\AdwCleaner
2014-01-06 21:37 - 2013-02-18 10:59 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-06 16:26 - 2014-01-06 15:45 - 00000000 ____D C:\Users\XXX\Desktop\mbar
2014-01-06 16:25 - 2014-01-06 15:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-06 15:47 - 2014-01-06 15:47 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-01-06 15:46 - 2014-01-06 15:45 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-05 23:57 - 2010-11-21 04:47 - 00352332 _____ C:\Windows\PFRO.log
2014-01-05 23:42 - 2012-12-13 23:56 - 00000000 ___RD C:\Users\XXX\Desktop\Selten benötigt
2014-01-05 22:18 - 2013-12-17 10:08 - 00000000 ____D C:\Users\XXX\AppData\Local\GOG.com
2014-01-05 22:03 - 2012-12-11 04:27 - 00000000 ___RD C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-01-04 22:01 - 2013-11-21 03:02 - 00000740 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-04 22:00 - 2013-11-21 03:02 - 00000000 ____D C:\Users\XXX\AppData\Roaming\vlc
2013-12-28 01:51 - 2013-12-28 01:51 - 00000000 ____D C:\Users\XXX\Documents\ANNO 2070
2013-12-27 22:28 - 2013-01-14 10:15 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-12-27 10:03 - 2013-06-12 09:47 - 00000020 ____H C:\ProgramData\PKP_DLev.DAT
2013-12-27 10:03 - 2013-06-12 09:47 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2013-12-27 00:17 - 2013-12-27 00:17 - 00000000 ____D C:\ProgramData\Solidshield
2013-12-27 00:16 - 2013-12-27 00:16 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Ubisoft
2013-12-27 00:12 - 2012-12-11 22:04 - 00508412 _____ C:\Windows\DirectX.log
2013-12-26 22:39 - 2012-12-16 17:43 - 00000000 ____D C:\Users\Public\Documents\Gescannte Dateien
2013-12-25 10:57 - 2013-06-13 10:01 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Apple Computer
2013-12-25 10:54 - 2013-06-13 10:01 - 00000000 ____D C:\Users\XXX\AppData\Local\Apple Computer
2013-12-25 01:38 - 2013-01-08 21:42 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Kalypso Media
2013-12-25 01:38 - 2012-12-12 10:53 - 00000000 ____D C:\Users\XXX\Documents\my games
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Users\XXX\AppData\Local\MercurySteam
2013-12-23 22:38 - 2013-12-23 22:38 - 00000000 ____D C:\Users\XXX\Documents\Reus
2013-12-23 02:33 - 2013-12-14 16:27 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorFreeVideoCatcher
2013-12-22 03:14 - 2013-12-22 02:47 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Sword of the Stars - The Pit
2013-12-20 03:50 - 2013-12-20 03:50 - 00000000 ____D C:\Program Files (x86)\BRS
2013-12-20 03:50 - 2013-11-22 04:55 - 00000000 ____D C:\ProgramData\Codemasters
2013-12-20 03:50 - 2012-12-16 01:14 - 00000000 ____D C:\Program Files (x86)\OpenAL
2013-12-19 23:08 - 2013-12-19 23:08 - 00000000 ____D C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2013-12-19 15:14 - 2013-02-08 22:34 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Skype
2013-12-19 11:50 - 2013-12-19 11:10 - 00000000 ____D C:\Users\XXX\AppData\Local\Darksiders2
2013-12-19 11:10 - 2012-12-11 21:57 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-12-18 10:56 - 2013-02-08 22:34 - 00000000 ____D C:\ProgramData\Skype
2013-12-18 10:55 - 2013-09-20 01:15 - 00013312 _____ C:\Users\XXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-18 10:55 - 2013-02-08 22:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-17 21:21 - 2009-07-14 05:45 - 00317104 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-17 14:23 - 2013-05-07 14:14 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-17 14:23 - 2013-04-07 13:59 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-17 14:23 - 2013-04-07 13:59 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-17 10:15 - 2013-12-17 10:15 - 00000000 ____D C:\GOG Games
2013-12-17 10:08 - 2013-12-17 10:08 - 00000000 ____D C:\Program Files (x86)\GoodOldGamesDownloader
2013-12-17 10:08 - 2012-12-11 03:03 - 00069624 _____ C:\Users\XXX\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-17 09:42 - 2013-12-17 09:39 - 00000000 ____D C:\Users\XXX\Documents\BattleWorldsKronos
2013-12-15 01:33 - 2013-12-15 01:33 - 00002157 _____ C:\Users\XXX\Desktop\AudacityPortable.exe - Verknüpfung.lnk
2013-12-15 01:03 - 2012-12-17 13:08 - 00000000 ____D C:\Program Files (x86)\Tools
2013-12-15 00:57 - 2013-12-15 00:57 - 00000005 _____ C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2013-12-15 00:57 - 2013-06-13 10:01 - 00000000 ____D C:\Users\XXX\AppData\Roaming\HTC
2013-12-15 00:57 - 2013-06-13 10:01 - 00000000 ____D C:\ProgramData\HTC
2013-12-15 00:57 - 2013-06-13 10:00 - 00000000 ____D C:\Program Files (x86)\HTC
2013-12-15 00:53 - 2013-06-12 09:47 - 00000020 ____H C:\ProgramData\PKP_DLes.DAT
2013-12-14 22:33 - 2013-12-14 22:33 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Free Video Converter.lnk
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\Documents\video
2013-12-14 22:33 - 2013-12-14 22:33 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorVideoConverter
2013-12-14 16:46 - 2013-12-14 16:12 - 00000000 ____D C:\Users\XXX\AppData\Roaming\KastorStreamRecorder
2013-12-14 16:27 - 2013-12-14 16:27 - 00001185 _____ C:\Users\XXX\Desktop\Kastor Free Video Catcher.lnk
2013-12-14 16:12 - 2013-12-14 16:12 - 00001189 _____ C:\Users\XXX\Desktop\Kastor Stream Recorder.lnk
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2013-12-14 16:07 - 2013-12-14 16:07 - 00000000 ____D C:\Program Files (x86)\AviSynth
2013-12-14 15:56 - 2013-12-14 15:56 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Reallusion
2013-12-14 15:56 - 2013-03-08 16:31 - 00000000 ____D C:\ProgramData\Creative
2013-12-14 14:51 - 2013-12-14 14:51 - 00001202 _____ C:\Users\Public\Desktop\No23 Recorder.lnk
2013-12-14 14:51 - 2013-12-14 14:51 - 00000000 ____D C:\ProgramData\Caphyon
2013-12-14 14:07 - 2012-12-11 02:29 - 00000000 ___RD C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-14 01:27 - 2012-12-11 10:29 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Nitro
2013-12-13 07:49 - 2012-12-11 04:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-12 20:57 - 2012-12-11 04:17 - 00000000 ____D C:\Program Files (x86)\Mozilla
2013-12-11 21:44 - 2013-12-11 21:44 - 00000957 _____ C:\Users\XXX\Desktop\MonkeyJam.lnk
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Users\XXX\AppData\Roaming\MonkeyJam
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Program Files (x86)\MonkeyJam
2013-12-11 15:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-11 00:42 - 2013-02-28 08:37 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 00:42 - 2013-02-20 20:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 00:42 - 2013-02-20 20:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 21:57 - 2013-08-19 06:23 - 00000000 ____D C:\Windows\system32\MRT
2013-12-10 21:56 - 2012-12-11 03:38 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 21:39 - 2013-12-10 21:39 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-10 21:39 - 2013-02-18 10:59 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-10 02:29 - 2013-11-16 21:50 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-10 02:27 - 2013-12-10 02:27 - 00000000 ____D C:\Users\XXX\AppData\Roaming\Naval Warfare
2013-12-09 08:52 - 2013-03-15 16:07 - 00001257 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2013-12-09 08:52 - 2012-12-12 11:00 - 00000000 ____D C:\Program Files (x86)\Samsung
Files to move or delete:
====================
C:\ProgramData\PKP_DLeo.DAT
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
Some content of TEMP:
====================
C:\Users\XXX\AppData\Local\Temp\13-1_vista_win7_win8_64_dd_ccc_whql.exe
C:\Users\XXX\AppData\Local\Temp\ac37f03d3210d90ea3de2f27db37018d.dll
C:\Users\XXX\AppData\Local\Temp\AutoRun.exe
C:\Users\XXX\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\XXX\AppData\Local\Temp\avgnt.exe
C:\Users\XXX\AppData\Local\Temp\ChangeIcon.exe
C:\Users\XXX\AppData\Local\Temp\CheckLang.dll
C:\Users\XXX\AppData\Local\Temp\comver.dll
C:\Users\XXX\AppData\Local\Temp\CtRunApp.dll
C:\Users\XXX\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\XXX\AppData\Local\Temp\nitro_reader3_x64.exe
C:\Users\XXX\AppData\Local\Temp\npp.6.4.5.Installer.exe
C:\Users\XXX\AppData\Local\Temp\npp.6.5.Installer.exe
C:\Users\XXX\AppData\Local\Temp\Quarantine.exe
C:\Users\XXX\AppData\Local\Temp\SkypeSetup.exe
C:\Users\XXX\AppData\Local\Temp\sonarinst.exe
C:\Users\XXX\AppData\Local\Temp\tmpBC03.exe
C:\Users\XXX\AppData\Local\Temp\tmpC0B5.exe
C:\Users\XXX\AppData\Local\Temp\tmpC3D2.exe
C:\Users\XXX\AppData\Local\Temp\tmpCFA5.exe
C:\Users\XXX\AppData\Local\Temp\vlc-2.1.2-win64.exe
C:\Users\XXX\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-04 22:21
==================== End Of Log ============================
FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014
Ran by XXX at 2014-01-06 21:57:15
Running from C:\Users\XXX\Desktop\Downloads\AntivirenProgramme\Farbar Recovery Scan Tool
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
@BIOS (x32 Version: 2.28 - GIGABYTE)
«Eador. Genesis» (x32 Version: - )
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Act of War - High Treason (x32 Version: 1.00.000 - )
Act of War High Treason Package (x32 Version: - GamersGate)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Advanced Audio FX Engine (x32 Version: 1.12.05 - Creative Technology Ltd)
Age of Empires II: HD Edition (x32 Version: - Hidden Path Entertainment, Ensemble Studios)
Alan Wake (x32 Version: - Remedy Entertainment)
Alan Wake's American Nightmare (x32 Version: - Remedy Entertainment)
Alien Arena 7.60 (x32 Version: - COR Entertainment, LLC)
alien_crossfire (Version: - )
Alpha Protocol (x32 Version: - Obsidian Entertainment)
alpha_centauri (Version: - )
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
America's Army: Proving Grounds Beta (x32 Version: - )
Anno 2070 (x32 Version: - BlueByte)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Arena Wars 2 (x32 Version: - ExDream GmbH)
ARMA 2 (x32 Version: - Bohemia Interactive)
Arma 3 Alpha Lite (x32 Version: - Bohemia Interactive)
Arma Tactics (x32 Version: - Bohemia Interactive)
Armada 2526 Gold (x32 Version: 1.0.4.3 - Ntronium Games)
Armada 2526 Gold (x32 Version: 1.0.4.3 - Ntronium Games) Hidden
Assassin's Creed (x32 Version: - Ubisoft)
AudioSwitch v2.0 (x32 Version: - )
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
AviSynth 2.6 (x32 Version: 2.6.0.3 - GPL Public release.)
Bastion (x32 Version: - Supergiant Games)
Batman: Arkham Asylum GOTY Edition (x32 Version: - Rocksteady Studios)
Batman: Arkham City GOTY (x32 Version: - )
Battle Worlds: Kronos Demo (x32 Version: - )
Battlefield 1942™ (x32 Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (x32 Version: 1.5.0.0 - Electronic Arts)
Battlefield: Bad Company 2 (x32 Version: - DICE)
Battlelog Web Plugins (x32 Version: 2.1.3 - EA Digital Illusions CE AB)
BattlEye for Iron Front Uninstall (x32 Version: - )
Bionic Dues (x32 Version: - Arcen Games, LLC)
BioShock Infinite (x32 Version: - Irrational Games)
Blood Bowl: Dark Elves Edition (x32 Version: - Cyanide Studio)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Borderlands (x32 Version: - Gearbox Software)
Borderlands 2 (x32 Version: - Gearbox Software)
BRINK (x32 Version: - Splash Damage)
Brütal Legend (x32 Version: - Double Fine Productions)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Call of Duty 4: Modern Warfare (x32 Version: - Infinity Ward)
Call of Duty: Black Ops II - Multiplayer (x32 Version: - )
Carrier Command: Gaea Mission (x32 Version: - Bohemia Interactive)
Castlevania: Lords of Shadow - Ultimate Edition (x32 Version: - MercurySteam - Climax Studios)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Chivalry: Medieval Warfare (x32 Version: - )
Cisco WebEx Meeting Center for Firefox or Chrome (x32 Version: 8.29.3216 - Cisco WebEx LLC)
Cisco WebEx Meetings (x32 Version: - Cisco WebEx LLC)
Cities in Motion (x32 Version: - )
Cities XL (x32 Version: - Monte Cristo)
Contagion (x32 Version: - Monochrome LLC)
Counter-Strike: Global Offensive (x32 Version: - )
CPUID CPU-Z 1.62 (Version: - )
CPUID HWMonitor 1.21 (Version: - )
Creative Live! Cam Notebook Pro (VF0400) Driver (1.05.03.00) (Version: - Creative Technology Ltd.)
Creative Live! Central 3 (x32 Version: 3.00.63 - Creative Technology Ltd)
Creative Music Server (x32 Version: 1.01 - Creative Technology Limited)
Creative Systeminformationen (x32 Version: 1.10 - Creative Technology Limited)
Crusader Kings II (x32 Version: - Paradox)
Crusaders: Thy Kingdom Come (x32 Version: - )
Crysis 2 Maximum Edition (x32 Version: - Electronic Arts)
Crysis Warhead (x32 Version: - Crytek)
Crysis®3 (x32 Version: 1.0.0.0 - Electronic Arts)
Dark Messiah Might and Magic Single Player (x32 Version: - Ubisoft)
Dark Souls: Prepare to Die Edition (x32 Version: - )
Darkest Hour: A Hearts of Iron Game (x32 Version: - )
Darksiders II (x32 Version: - Vigil Games)
Day of Defeat: Source (x32 Version: - Valve)
DC Universe Online Live (HKCU Version: - Sony Online Entertainment)
Dead Space (x32 Version: - EA Redwood Shores)
Defiance Free Trial (x32 Version: - Trion Worlds)
DefianceRuntimes (x32 Version: 1.0.2 - Trion Worlds, Inc.)
Descent 3 with Mercenary Expansion (x32 Version: 2.0.0.16 - GOG.com)
Diablo III (x32 Version: - Blizzard Entertainment)
DIAMS iQ Demo (HKCU Version: 2.6.0.55 - Dennemeyer)
DiRT (x32 Version: - Codemasters)
DiRT 3 (x32 Version: - Codemasters Racing Studio)
Disciples III: Renaissance (x32 Version: - Akella)
Dishonored (x32 Version: - Arkane Studios)
Divinity II: Developer's Cut (x32 Version: - Larian Studios)
DmC Devil May Cry (x32 Version: - Ninja Theory)
DMIView Ver.1.5 B12.0314.1 (x32 Version: 1.5 - GIGABYTE)
Dolby Digital Live Pack (x32 Version: 3.03 - Creative Technology Limited)
Dragon Age: Origins (x32 Version: - BioWare)
Dragon Age™ II (x32 Version: 1.04.8524.0 - Electronic Arts)
Drakensang (x32 Version: - dtp)
Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.)
Druckerdeinstallation für EPSON BX525WD Series (Version: - SEIKO EPSON Corporation)
Dual-Core Optimizer (x32 Version: 1.1.4.0169 - AMD)
Dungeon Siege III (x32 Version: - Obsidian Entertainment)
E.Y.E: Divine Cybermancy (x32 Version: - )
Eador. Masters of the Broken World (x32 Version: - Snowbird Games)
Easy Tune 6 B12.1112.1 (x32 Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.1112.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Empire: Total War (x32 Version: - The Creative Assembly)
Endless Space (x32 Version: - Amplitude Studios)
Entity Framework Tools for Visual Studio 2013 (x32 Version: 12.0.20912.0 - Microsoft Corporation)
EPSON BX525WD Series Manual (x32 Version: - )
EPSON BX525WD Series Network Guide (x32 Version: - )
EPSON Scan (x32 Version: - Seiko Epson Corporation)
EpsonNet Print (x32 Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (x32 Version: 3.3a - SEIKO EPSON CORPORATION)
Erforderliche Komponenten für SSDT (x32 Version: 11.1.3000.0 - Microsoft Corporation)
ESET Online Scanner v3 (x32 Version: - )
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
Europa Universalis IV (x32 Version: - Paradox Development Studio)
EverQuest II (x32 Version: - Sony Online Entertainment)
Expeditions: Conquistador (x32 Version: - Logic Artists)
Fallen Enchantress (x32 Version: - Stardock Entertainment)
Fallout: New Vegas (x32 Version: - Bethesda Softworks)
Fantasy Wars (x32 Version: - Nobilis)
Far Cry 2 (x32 Version: - Ubisoft)
FastAccess Web Alert (x32 Version: 1.00 - Sensible Vision)
FIFA 13 Demo (x32 Version: 1.0.0.0 - Electronic Arts)
FIFA Manager 10 (x32 Version: - )
Firefall (x32 Version: - Red 5 Studios)
Forge (x32 Version: - )
Fragenbär - Richtig Mathe (x32 Version: 1.1 - SL-Lernsoftware)
Free Video Converter V 2.3 (x32 Version: 2.3.0.0 - Kastor Soft)
GameSpy Arcade (x32 Version: - )
GameSpy Comrade (x32 Version: 3.2.17.236 - GameSpy)
Garry's Mod (x32 Version: - Garry)
Gear Up (x32 Version: - )
GIGABYTE TweakLauncher (x32 Version: 12.04.26.1 - GIGABYTE)
GIGABYTE TweakLauncher (x32 Version: 12.04.26.1 - GIGABYTE) Hidden
GOG.com Downloader version 3.6.0 (x32 Version: 3.6.0 - GOG.com)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Gothic III (x32 Version: 1.00.0 - Dreamcatcher)
GPL Ghostscript (Version: 9.07 - Artifex Software Inc.)
Grand Theft Auto: Vice City (x32 Version: - Rockstar)
GRID (x32 Version: - Codemasters)
GRID 2 (x32 Version: - Codemasters Racing)
Guardians of Graxia (x32 Version: - )
Half-Life 2 (x32 Version: - Valve)
HdR Die Rückkehr des Königs tm (x32 Version: - )
Hearts of Iron II: Complete (x32 Version: - Paradox Interactive)
Hearts of Iron III (x32 Version: - Paradox Interactive)
Heroes of Might and Magic V (x32 Version: - Ubisoft)
Hitman 2: Silent Assassin (x32 Version: - Eidos)
Hitman: Absolution (x32 Version: - IO Interactive)
Hitman: Sniper Challenge (x32 Version: - IO Interactive)
HTC Driver Installer (x32 Version: 4.2.0.001 - HTC Corporation)
Hydrophobia: Prophecy (x32 Version: - Dark Energy Digital)
iCloud (Version: 3.0.2.163 - Apple Inc.)
Imperium Romanum 1.04 Gold Edition (x32 Version: 1.04 - Kalypso Media)
Impire (x32 Version: - Cyanide Montreal)
InfiniteCrisis (x32 Version: - Turbine, Inc)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867 - Intel Corporation)
Interstellar Marines (x32 Version: - Zero Point Software)
IPTInstaller (x32 Version: 4.0.8 - HTC)
IrfanView (remove only) (x32 Version: 4.35 - Irfan Skiljan)
Iron Front : Liberation 1944 (x32 Version: - X1 Software)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Just Cause 2 (x32 Version: - Avalanche Studios)
Just Cause 2: Multiplayer Mod (x32 Version: - Avalanche Studios)
Kastor - Stream Recorder V 1.0 (x32 Version: 1.0.0.0 - KastorSoft)
Kastor Free Video Catcher V 2.3 (x32 Version: 2.3.0.0 - KastorSoft)
Kenshi (x32 Version: - Lo-Fi Games)
King Arthur - The Role-playing Wargame (x32 Version: - Neocore Games)
King’s Bounty: Legions (x32 Version: - Nival)
Kingdoms Rise (x32 Version: - Flyleap Studios Pty. Ltd.)
Knights of Honor (x32 Version: - Crytek Black Sea)
Left 4 Dead 2 (x32 Version: - Valve)
Legend of Grimrock (x32 Version: - )
Legends of Eisenwald (x32 Version: - Aterdux Entertainment)
LibreOffice 3.6 (x32 Version: 3.6.4.3 - The Document Foundation)
LibreOffice 3.6 Help Pack (German) (x32 Version: 3.6.4.3 - The Document Foundation)
Logitech Gaming Software 8.40 (Version: 8.40.83 - Logitech Inc.)
Lost Planet 3 (x32 Version: - Spark Unlimited)
Mafia (x32 Version: - 2K Games)
Magic: The Gathering - Duels of the Planeswalkers (x32 Version: - )
Majesty 2 Collection (x32 Version: - Paradox Interactive)
Making History II: The War of the World (x32 Version: - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
ManiaPlanet (x32 Version: - Nadeo)
Mars: War Logs (x32 Version: - Spiders)
marvell 91xx driver (x32 Version: 1.2.0.1020 - Marvell)
Mass Effect 2 (x32 Version: - BioWare)
Mass Effect™ 3 (x32 Version: 1.05.0.0 - Electronic Arts)
Master Of Magic (x32 Version: - GOG.com)
Master of Orion 3 (x32 Version: - GamersGate)
Master of Orion II (x32 Version: - GamersGate)
Max Payne 3 (x32 Version: - Rockstar)
Medal of Honor (TM) (x32 Version: 1.0.0.0 - Electronic Arts)
Medal of Honor: Airborne (x32 Version: - )
Media Go (x32 Version: 2.6.205 - Sony)
Media Go Video Playback Engine 2.0.107.08290 (x32 Version: 2.0.107.08290 - Sony)
Medieval II Total War (x32 Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (x32 Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (x32 Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (x32 Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (x32 Version: 1.03.000 - SEGA)
Metro 2033 (x32 Version: - THQ)
Metro: Last Light (x32 Version: - 4A Games)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (x32 Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (x32 Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (x32 Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (x32 Version: 4.5.51641 - Microsoft Corporation)
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Command Line Utilities (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x32 Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (x32 Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (x32 Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (x32 Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013-Objektmodell Sprachpaket (x64) - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell-(Mindest)-Ressourcen (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Sprachpaket - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Vorbereitung (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (x32 Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer deu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x32 Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (Version: 11.1.3366.16 - Microsoft Corporation)
Might & Magic: Duel of Champions (x32 Version: - Ubisoft Quebec)
MonkeyJam 3_050529 (x32 Version: - GiantScreamingRobotMonkeys)
Mount & Blade (x32 Version: - Paradox Interactive)
Mount & Blade: Warband (x32 Version: - Taleworlds Entertainment)
Mount & Blade: With Fire and Sword (x32 Version: - )
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 24.2.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MusicBee 2.0 (x32 Version: 2.0 - Steven Mayall)
MyPhoneExplorer (x32 Version: 1.8.5 - F.J. Wechselberger)
Nation Red (x32 Version: - Diezel Power)
Natural Selection 2 (x32 Version: - Unknown Worlds Entertainment)
Naval Warfare (x32 Version: - Game Distillery s.r.o.)
NecroVisioN (x32 Version: 1.00.0000 - 1C Publishing EU)
NecroVisioN Patch 1.1 (x32 Version: - GamersGate)
NecroVisioN Patch 1.2 (x32 Version: - GamersGate)
Need for Speed: Hot Pursuit (x32 Version: - Electronic Arts)
Need For Speed™ World (x32 Version: 1.0.0.1229 - Electronic Arts)
Neverwinter (x32 Version: - Cryptic Studios)
Nexuiz (x32 Version: - IllFonic)
Nikon Message Center 2 (x32 Version: 2.1.0 - Nikon)
Nikon Movie Editor (x32 Version: 2.7.0 - Nikon)
Nitro Reader 3 (Version: 3.5.2.10 - Nitro)
No23 Recorder (x32 Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Notepad++ (x32 Version: 6.5 - Notepad++ Team)
Nuclear Dawn (x32 Version: - Interwave)
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation)
Nvu 1.0 (x32 Version: 1.0 - Thorsten Fritz)
Of Orcs And Men (x32 Version: - Cyanide Studio - Spiders Studios)
ON_OFF Charge B12.1025.1 (x32 Version: 1.00.0001 - GIGABYTE)
OpenAL (x32 Version: - )
Origin (x32 Version: 9.1.3.2637 - Electronic Arts, Inc.)
Overwolf (x32 Version: 0.45.266 - Overwolf)
Painkiller Hell & Damnation (x32 Version: - )
Painkiller Overdose (x32 Version: - DreamCatcher)
Painkiller: Black Edition (x32 Version: - People Can Fly)
Painkiller: Recurring Evil (x32 Version: - hxxp://www.nordicgames.at/)
Painkiller: Redemption (x32 Version: - People Can Fly)
Painkiller: Resurrection (x32 Version: - Homegrown Games)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (x32 Version: 4.5.50932 - Microsoft Corporation)
Panzar (x32 Version: - Troxit Service)
Path of Exile (x32 Version: 0.10.1.22906 - Grinding Gear Games)
Penumbra: Black Plague (x32 Version: - Frictional Games)
Penumbra: Requiem (x32 Version: - Frictional Games)
Picture Control Utility x64 (Version: 1.4.12 - Nikon)
PlanetSide 2 (x32 Version: - Sony Online Entertainment)
PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation)
PlayStation(R)Store (x32 Version: 4.18.0.15698 - Sony Computer Entertainment Inc.)
Port Royale 2 (x32 Version: - )
Port Royale 3 (x32 Version: - Gaming Minds)
PoxNora (x32 Version: - Sony Online Entertainment)
Pride of Nations (x32 Version: - )
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH)
Prototype (x32 Version: - Radical Entertainment)
PunkBuster Services (x32 Version: 0.989 - Even Balance, Inc.)
Qualcomm SmartNet Controller (x32 Version: 1.0.0.32 - Qualcomm Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
R.U.S.E (x32 Version: - Eugen Systems)
RAGE (x32 Version: - )
Railroad Tycoon 2: Platinum (x32 Version: - PopTop)
Rapture3D 2.4.8 Game (x32 Version: - Blue Ripple Sound)
Ravaged (x32 Version: - 2 Dawn Studios)
Red Faction: Armageddon (x32 Version: - Volition)
Red Faction: Guerrilla (x32 Version: - Volition)
Red Orchestra 2: Heroes of Stalingrad - Single Player (x32 Version: - )
Red Orchestra 2: Heroes of Stalingrad (x32 Version: - Tripwire)
Reign: Conflict of Nations (Remove Only) (x32 Version: 1.0.0.0 - 1C Publishing)
Renaissance Heroes (x32 Version: - )
Reus (x32 Version: - Abbey Games)
Rise of the Triad (x32 Version: - Interceptor Entertainment)
Rise of Venice (x32 Version: - )
Risen (x32 Version: - Piranha Bytes)
Risen 2 - Dark Waters (x32 Version: - Piranha Bytes)
Rockstar Games Social Club (x32 Version: 1.1.0.1 - Rockstar Games)
S.T.A.L.K.E.R.: Call of Pripyat (x32 Version: - GSC Game World)
S.T.A.L.K.E.R.: Clear Sky (x32 Version: - GSC Game World)
S.T.A.L.K.E.R.: Shadow of Chernobyl (x32 Version: - GSC Game World)
S4 League_EU (x32 Version: 1.00.0000 - )
Sacred 2 (x32 Version: 2.65.1.0 - Deep Silver)
Samsung Magician (x32 Version: 4.3.0 - Samsung Electronics)
Sauerbraten (x32 Version: - )
Section 8: Prejudice (x32 Version: - Timegate Studios, Inc)
Sengoku (x32 Version: - )
Serious Sam 3: BFE (x32 Version: - Croteam)
Shadow Harvest: Phantom Ops (x32 Version: - Black Lion Studios)
Shadow Warrior (x32 Version: - Flying Wild Hog)
Sid Meier's Alpha Centauri (x32 Version: 2.0.2.23 - GOG.com)
Sid Meier's Civilization IV: Beyond the Sword (x32 Version: - Firaxis)
Sid Meier's Civilization IV: Colonization (x32 Version: - Firaxis)
Sid Meier's Civilization V (x32 Version: - 2K Games, Inc.)
Sins of a Solar Empire: Trinity (x32 Version: - )
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Sleeping Dogs™ (x32 Version: - United Front Games)
Sony PC Companion 2.10.181 (x32 Version: 2.10.181 - Sony)
Sound Blaster Recon3D PCIe (x32 Version: 1.00.31 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (x32 Version: 1.0 - Creative Technology Limited)
Space Empires V (x32 Version: - Malfador Machinations)
SpaceForce: Rogue Universe (x32 Version: - Provox)
Spec Ops: The Line (x32 Version: - YAGER)
Special Force 2 1.0 (x32 Version: - )
Star Ruler (x32 Version: - )
Star Wars - Battlefront II (x32 Version: - Pandemic Studios)
Star Wars: Empire at War Gold (x32 Version: - )
Star Wars: Knights of the Old Republic (x32 Version: - BioWare)
Star Wars: Knights of the Old Republic II (x32 Version: - LucasArts)
Star Wars: The Force Unleashed Ultimate Sith Edition (x32 Version: - LucasArts)
Star Wolves 3 Civil War (x32 Version: - GamersGate)
StarDrive (x32 Version: - )
State of Decay (x32 Version: - Undead Labs)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Supreme Ruler 2020 5.05.08 (x32 Version: - BattleGoat Studios)
Supreme Ruler 2020 Gold 6.8.1 (x32 Version: - BattleGoat Studios)
Sword of the Stars Complete Collection (x32 Version: - Kerberos Productions Inc.)
Sword of the Stars II: Enhanced Edition (x32 Version: - )
Sword of the Stars: Argos Naval Yard Expansion (x32 Version: - Kerberos Productions Inc.)
Sword of the Stars: The Pit (x32 Version: - Kerberos Productions)
SyncToy 2.1 (x64) (Version: 2.1.0 - Microsoft)
Tactical Intervention (x32 Version: - FIX Korea)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKCU Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (x32 Version: - TechPowerUp)
TerraTec Home Cinema (x32 Version: 6.27.7 - )
TERRATEC S7 Driver Installation (64 Bit) (x32 Version: 1.00.07.601 - TERRATEC Electronic GmbH)
The Chronicles of Riddick: Assault on Dark Athena (x32 Version: - Starbreeze Studios)
The Elder Scrolls V: Skyrim (x32 Version: - Bethesda Game Studios)
The First Templar (x32 Version: - )
The Incredible Adventures of Van Helsing (x32 Version: - )
The Kings' Crusade (x32 Version: - )
The Lord of the Rings: War in the North (x32 Version: - Snowblind Studios)
The Pit Demo (x32 Version: 1.0.0 - Kerberos Productions)
The Walking Dead (x32 Version: - )
The Witcher 2: Assassins of Kings Enhanced Edition (x32 Version: - CD Projekt RED)
Thrustmaster FFB Wheel driver (x32 Version: 2.FFJ.2007 - Thrustmaster)
TmNationsForever (x32 Version: - Nadeo)
ToCA Race Driver 3 (x32 Version: - Codemasters)
Tom Clancy's Ghost Recon (x32 Version: - Ubisoft)
Tom Clancy's Rainbow Six: Vegas 2 (x32 Version: - Ubisoft)
Torchlight (x32 Version: - Runic Games, Inc.)
Torchlight II (x32 Version: - Runic Games)
Total War: SHOGUN 2 (x32 Version: - The Creative Assembly)
Toy Soldiers (x32 Version: - Signal Studios)
Transformers: War for Cybertron (x32 Version: - High Moon Studios)
Tropico 3 - Steam Special Edition (x32 Version: - Haemimont Games)
Tropico 4 (x32 Version: - )
Unepic (x32 Version: - Francisco Téllez de Meneses)
Unity (x32 Version: - Unity Technologies ApS)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Universe at War Earth Assault (x32 Version: 1.00.0000 - Petroglyph)
Universe at War Earth Assault (x32 Version: 1.00.0000 - Petroglyph) Hidden
Unreal Development Kit: 2012-10 (Version: - Epic Games, Inc.)
Unreal Tournament 3: Black Edition (x32 Version: - Epic Games)
Update for (KB2504637) (x32 Version: 1 - Microsoft Corporation)
Uplay (x32 Version: 2.0 - Ubisoft)
Verdun (x32 Version: - BlackMill Games)
Victoria II (x32 Version: - Paradox Interactive)
Victoria: Revolutions (x32 Version: - Paradox Interactive)
ViewNX 2 (Version: 2.7.6 - Nikon)
Viscera Cleanup Detail: Shadow Warrior (x32 Version: - RuneStorm)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
War Thunder (x32 Version: - Gaijin Entertainment)
Warframe (x32 Version: - )
Wargame: European Escalation (x32 Version: - Focus,Eugen Systems)
Warhammer 40,000 Space Marine (x32 Version: - Relic)
Warhammer 40,000: Dawn of War – Soulstorm (x32 Version: - Relic)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (x32 Version: - Relic Entertainment)
Warlock - Master of the Arcane (x32 Version: - Paradox Interactive)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows-Treiberpaket - TERRATEC (UDST7000BDA) Media (10/25/2010 1.00.07.601) (Version: 10/25/2010 1.00.07.601 - TERRATEC )
Windows-Treiberpaket - TERRATEC (UDST7000HID) HIDClass (03/17/2010 1.00.06.701) (Version: 03/17/2010 1.00.06.701 - TERRATEC )
WinPcap 4.1.2 (x32 Version: 4.1.0.2001 - CACE Technologies)
Wireshark 1.8.6 (64-bit) (x32 Version: 1.8.6 - The Wireshark developer community, hxxp://www.wireshark.org)
Wolfenstein - Enemy Territory (x32 Version: 2.60b - ACTIVISION)
WORLD IN CONFLICT (x32 Version: 1.0.0.9 - Massive Entertainment)
World of Tanks (x32 Version: - Wargaming.net)
X3: Reunion (x32 Version: - Egosoft)
X-COM: Apocalypse (x32 Version: - MicroProse)
XCOM: Enemy Unknown (x32 Version: - Firaxis Games)
X-COM: Enforcer (x32 Version: - MicroProse)
X-COM: Interceptor (x32 Version: - MicroProse)
X-COM: Terror from the Deep (x32 Version: - MicroProse)
X-COM: UFO Defense (x32 Version: - MicroProse)
Xfire (remove only) (x32 Version: - )
Xiph.Org Open Codecs 0.85.17777 (x32 Version: 0.85.17777 - Xiph.Org)
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
14-12-2013 13:04:32 Windows Update
14-12-2013 13:50:40 No23 Recorder wird installiert
18-12-2013 07:48:07 DirectX wurde installiert
19-12-2013 10:57:35 DirectX wurde installiert
20-12-2013 02:49:27 DirectX wurde installiert
20-12-2013 22:18:32 Windows Update
22-12-2013 01:46:33 DirectX wurde installiert
25-12-2013 22:45:34 Windows Update
26-12-2013 23:10:44 DirectX wurde installiert
26-12-2013 23:12:28 Installed Ubisoft Game Launcher
04-01-2014 21:30:40 Geplanter Prüfpunkt
06-01-2014 09:27:11 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00ED1AA8-8760-4C6C-91C3-EDEBA7CC6051} - \BitGuard No Task File
Task: {22195CA3-6A66-4D42-B8BA-37999EB0E5CB} - System32\Tasks\{1C8BDE41-44F9-4940-8950-7B2892CB08B4} => X:\Steam\SteamApps\common\SpaceEmpiresV\SE5\SE5.exe [2012-12-11] (Malfador Machinations)
Task: {2735496C-22AF-4C99-A08A-BD3621C09A7E} - System32\Tasks\{4465AC0C-5A60-4866-8B25-F16F77980C1C} => X:\Steam\SteamApps\common\SpaceEmpiresV\SE5\SE5.exe [2012-12-11] (Malfador Machinations)
Task: {447DB6E2-4225-42B9-930C-4C52F0BAEBF8} - System32\Tasks\{88D08751-2F8F-4050-B533-320969BB0F7A} => X:\System Tray\Other+Indie\WarRock\WRUpdater.exe
Task: {6DB003FD-CF73-4024-86AD-18AE37E417ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {6F0437E2-27BF-4E9E-BE91-DB6C6D81E60A} - System32\Tasks\{5C98BDD7-8536-4FA1-8099-7191520E98DC} => X:\System Tray\Other+Indie\WarRock\WRUpdater.exe
Task: {832D80E1-DC27-404D-AEFA-C60DFFF16979} - System32\Tasks\{070C94E8-4062-4C2F-82EE-3CD06007C58E} => E:\ZZZ\US 2007_0145554_10368776_mixing_proteasome_inhibitors\MagictheGathering\Shandalar.exe
Task: {854ECECB-BEEC-431D-BC3E-F40F996D2AE3} - System32\Tasks\{4CE1E72F-9660-4009-BF5E-583A338FA8B6} => X:\System Tray\Other+Indie\WarRock\WRUpdater.exe
Task: {86EBC499-A6BE-40C9-808A-E6727A04AAF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-18] (Google Inc.)
Task: {8D6C2285-D8D3-4625-8E69-5E9B208AE0AC} - \EPUpdater No Task File
Task: {9D529D79-F50A-45FD-B840-F9D15C2664E9} - System32\Tasks\{2C45E3E9-0A27-453F-A417-566AA14F29DE} => E:\ZZZ\US 2007_0145554_10368776_mixing_proteasome_inhibitors\MagictheGathering\Shandalar.exe
Task: {A4FA5422-8720-4D7E-9B66-B6CEAC9E6669} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-18] (Google Inc.)
Task: {BCA8D703-A489-4210-AF73-310C37CF86BE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E12BD776-489D-4DDE-B40B-AB18E966FA4C} - System32\Tasks\{3AE0BDB4-6EEF-40B8-AAD7-91BB6CFE0D48} => X:\System Tray\Other+Indie\WarRock\WRUpdater.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-02-25 00:23 - 2013-02-25 00:22 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\XXX\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-09 08:52 - 2013-11-28 12:14 - 00013824 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\SAMSUNG_SSD.dll
2013-12-09 08:52 - 2013-11-28 18:59 - 00098816 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\PAL.dll
2013-12-09 08:52 - 2013-11-28 18:59 - 00034304 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\SATA.dll
2013-12-09 08:52 - 2013-11-28 18:59 - 00032768 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\SAT.dll
2013-12-09 08:52 - 2013-11-28 19:00 - 00031232 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\SMINI.dll
2013-12-09 08:52 - 2013-11-28 18:59 - 00029696 _____ () C:\Program Files (x86)\Samsung\Samsung_SSD_Magician\SAS.dll
2012-12-19 10:58 - 2012-12-19 10:58 - 00741376 _____ () C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\de-DE\SBRnPCIe.resources.dll
2013-12-11 09:04 - 2013-12-11 09:04 - 03559024 _____ () C:\Program Files (x86)\Mozilla\Firefox\mozjs.dll
2013-12-11 00:42 - 2013-12-11 00:42 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/06/2014 09:54:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (01/06/2014 09:54:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-12-22 22:17:57.626
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-22 22:17:51.180
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 01:14:56.574
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 01:07:21.302
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 01:07:20.904
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 01:07:20.404
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 00:41:29.963
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 00:41:29.915
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 00:34:44.285
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-15 00:34:44.247
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CTAFX64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 26%
Total physical RAM: 8149.21 MB
Available physical RAM: 5962.93 MB
Total Pagefile: 16296.59 MB
Available Pagefile: 13876.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:156.15 GB) (Free:51.61 GB) NTFS
Drive g: (Sony_32GU) (Removable) (Total:29.35 GB) (Free:28.38 GB) FAT32
Drive o: (Volume) (Fixed) (Total:62.5 GB) (Free:62.41 GB) NTFS
Drive u: (Volume) (Fixed) (Total:15.82 GB) (Free:15.73 GB) NTFS
Drive w: (VOLUME) (Fixed) (Total:3.91 GB) (Free:3.91 GB) FAT
Drive x: (BigMomma) (Fixed) (Total:1806.64 GB) (Free:107.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 5E82AF4B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=156 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=63 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: A242555E)
Partition 1: (Not Active) - (Size=-259157655552) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 29 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=29 GB) - (Type=0C)
==================== End Of Log ============================
|
|
06.01.2014, 22:42
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\ProgramData\PKP_DLeo.DAT
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.01.2014, 01:38
| #11 |
| | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a.Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-01-2014
Ran by XXX at 2014-01-07 01:33:43 Run:1
Running from C:\Users\XXX\Desktop\Downloads\AntivirenProgramme\Farbar Recovery Scan Tool
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\ProgramData\PKP_DLeo.DAT
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
*****************
C:\ProgramData\PKP_DLeo.DAT => Moved successfully.
C:\ProgramData\PKP_DLes.DAT => Moved successfully.
C:\ProgramData\PKP_DLet.DAT => Moved successfully.
C:\ProgramData\PKP_DLev.DAT => Moved successfully.
==== End of Fixlog ====
|
|
07.01.2014, 08:36
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.01.2014, 01:36
| #13 |
| | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a.Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.07.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 XXX :: NANOXWIN7 [Administrator] 07.01.2014 10:51:18 mbam-log-2014-01-07 (10-51-18).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 225076 Laufzeit: 3 Minute(n), 10 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Nach 9 Stunden Laufzeit war eset bei 25%. Dann hat wieder einmal meine Grafikkarte ihren Rappel bekommen und das System auflaufen lassen. Das passiert leider mittlerweilen so häufig, dass ich momentan nicht recht daran glaube, einen vollständigen Scan mit eset hinbekommen zu können. Die Karte müsste eigentlich ausgetauscht werden, ist ein Garantiefall; diese crashes haben auch viele Andere mit derselben Karte, haben also mit ziemlicher Sicherheit nichts mit Malware zu tun. Andere Frage: die von Antimalwarebytes identifizierten "Probleme" waren, soweit ich das gesehen habe, nur PUPs. Darf ich schlussfolgern, dass die Gefahr, dass online Passwörter kompromittiert wurden, gering ist? Wie kann/soll ich damit umgehen? Mist. Gerade habe ich wieder Grid 2 gezockt, und siehe da: das Problem mit den Tastaturanschlägen aus dem Nirgendwo tritt weiter auf. Sieht dann wohl nach einem Hardwarefehler aus, oder was meinst Du? Allerdings habe ich schon die zweite Tastatur am Rechner hängen, an dr liegts wohl also auch nicht. USB? |
|
08.01.2014, 14:09
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. Ja, wird wohl ein Hardwarefehler oder vllt nur ein Treiberproblem sein. Mach mal dazu ein neues Thema in unserer Hardwareabteliung auf.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.01.2014, 14:47
| #15 | |
| | Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a.Zitat:
Noch zu meiner Frage: muss ich mir um meine Passwörter sorgen machen, oder kann ich das eher entspannt sehen? Jedenfalls schon mal vielen lieben Dank für Deine Hilfe!!! |
|
| Themen zu Tastatur generiert Anschläge; Malwarebytes findet PUP.Optional.Delta.A, -MixiDJToolbar.A, -BProtector.A, -Babylon.A u.a. |
| antimalwarebytes, bonjour, flash player, homepage, install.exe, launch, netzwerk, neustart, newtab, ntdll.dll, programm, pup.bprotector, pup.optional.babsolution.a, pup.optional.babylon.a, pup.optional.bitguard.a, pup.optional.bprotector.a, pup.optional.crx.a, pup.optional.datamngr.a, pup.optional.delta.a, pup.optional.mixidj.a, pup.optional.mixidjtoolbar.a, pup.optional.startpage, remote control, rundll, schutz, software, svchost.exe, teamspeak, temp |
Linear-Darstellung
