
Pests of all kinds and how to fight them: Received a fake Telekom invoice and clicked the download link - probably a trojan

09.01.2014, 20:51   #1
orchidee12
 



Hello everyone,

today I opened this mail in my inbox: Your Telekom mobile RechnungOnline for business customers 716383475434659659 of 09.01.2014 for customer account 839861161161.

Stupidly, I clicked on the download link there, and a page opened that could not be found. The posts on the Internet say that there is supposed to be a zip file in the attachment, but in my case there was no attachment, only this download link.

I ran a virus scan with Avira, but it reports that it cannot find any virus.

How do I now find out whether I have a trojan on my laptop from clicking the download link?

It would be very nice if someone could help me. Many thanks in advance

Best regards, Maria

09.01.2014, 21:02   #2
schrauber
/// the machine
/// TB trainer
 




hi,

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


10.01.2014, 21:48   #3
orchidee12
 



Hello,

here is my FRST.txt
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-01-2014 01
Ran by Sandra (administrator) on SANDRA-PC on 09-01-2014 21:15:48
Running from C:\Users\Sandra\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Sleep Memory Optimizer\FFSService.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Sandra\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Apache Software Foundation) C:\BitNami\redmine-2.3.3-1\apache2\bin\httpd.exe
() C:\BitNami\redmine-2.3.3-1\mysql\bin\mysqld.exe
() C:\BitNami\redmine-2.3.3-1\subversion\scripts\winserv.exe
(Apache Subversion) C:\BitNami\redmine-2.3.3-1\subversion\bin\svnserve.exe
() C:\BitNami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe
() C:\BitNami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe
(hxxp://www.ruby-lang.org/) C:\BitNami\redmine-2.3.3-1\ruby\bin\ruby.exe
(hxxp://www.ruby-lang.org/) C:\BitNami\redmine-2.3.3-1\ruby\bin\ruby.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Apache Software Foundation) C:\BitNami\redmine-2.3.3-1\apache2\bin\httpd.exe
(Whilokii) C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Sandra\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2275944 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2642728 2011-07-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-15] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [LGODDFU] - C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-12-24] (Bitleader)
HKLM-x32\...\Run: [starter4g] - C:\Windows\starter4g.exe [160424 2010-04-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2486296 2014-01-08] ()
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Advanced SystemCare 6] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [490880 2012-09-24] (IObit)
HKCU\...\Run: [NTRedirect] - C:\Windows\SysWOW64\rundll32.exe  "C:\Users\Sandra\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Sandra\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-10] (Spotify Ltd)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Run: [Google Update] - C:\Users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-25] (Google Inc.)
MountPoints2: {338bd3b3-30e0-11e3-8f60-bc1ba5f9245a} - D:\HTC_Sync_Manager_PC.exe
MountPoints2: {e334623e-5f20-11e3-9c3c-005056c00008} - D:\vs_ultimate.exe
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-02] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-02] ()
HKU\MsDtsServer110\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-02] ()
HKU\TEMP\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-02] ()
Startup: C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sandra\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Web search
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = Bueno Search
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = QVO6
URLSearchHook: HKCU - (No Name) - {539F76FD-084E-4858-86D5-62F02F54AE86} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe QVO6
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HitachiXHTS543232A7A384_E2P312330PLRGP0PLRGPX&ts=1382129156&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HitachiXHTS543232A7A384_E2P312330PLRGP0PLRGPX&ts=1382129156&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HitachiXHTS543232A7A384_E2P312330PLRGP0PLRGPX&ts=1382129156&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HitachiXHTS543232A7A384_E2P312330PLRGP0PLRGPX&ts=1382129156&type=default&q={searchTerms}
SearchScopes: HKCU - DefaultScope {191AB4F6-C1FD-4892-B30E-95601BF15904} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=4658011200000000000016de2bcb2b11&r=969
SearchScopes: HKCU - bProtectorDefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.doko-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=465816DE2BCB2B11&affID=125836&tsp=5039
SearchScopes: HKCU - {191AB4F6-C1FD-4892-B30E-95601BF15904} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=4658011200000000000016de2bcb2b11&r=969
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=HitachiXHTS543232A7A384_E2P312330PLRGP0PLRGPX&ts=1382129156&type=default&q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={2508BF24-5E9E-4BAC-9391-15F09A46A0EB}&mid=e10f66172b0147d0af2b2e36baf7a2bf-7329387bd51f2399b9d127213a91ab7ec98d0a2f&lang=de&ds=pd011&pr=sa&d=2012-09-02 15:33:16&v=14.2.0.1&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Whilokii - {204df522-9a96-4a72-abb0-60f7a216d6d2} - C:\Program Files (x86)\Whilokii\WhilokiiBHO.dll (Whilokii)
BHO-x32: No Name - {3B9F6E59-04CA-43FF-92DF-F6E66D3A8D82} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: No Name - {AA74D58F-ACD0-450D-A85E-6C04B171C044} -  No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.5\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com)
BHO-x32: No Name - {EEE6C35C-6118-11DC-9C72-001320C79847} -  No File
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - No Name - {339E1B37-76D3-4A64-A988-E81425DF831C} -  No File
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default
FF user.js: detected! => C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\user.js
FF NewTab: hxxp://www.doko-search.com/?babsrc=NT_ss&mntrId=465816DE2BCB2B11&affID=125836&tsp=5039
FF DefaultSearchEngine: Doko Search
FF SelectedSearchEngine: Doko Search
FF Homepage: hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=465816DE2BCB2B11&affID=125836&tsp=5039
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sandra\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sandra\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\dokotoolbar.xml
FF SearchPlugin: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\MyStart.xml
FF SearchPlugin: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\Sweetpacks Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\ascsurfingprotection@iobit.com
FF Extension: Delta Toolbar - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\ffxtlbr@delta.com
FF Extension: dokotoolbar.com - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\ffxtlbr@dokotoolbar.com
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\ich@maltegoetz.de
FF Extension: Zotero Word for Windows Integration - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\zoteroWinWordIntegration@zotero.org
FF Extension: Garmin Communicator - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: AppsHat - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
FF Extension: BonanzaDeals - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}
FF Extension: Whilokii - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\firefox@whilokii.net.xpi
FF Extension: Zotero - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\zotero@chnm.gmu.edu.xpi
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
FF HKCU\...\Firefox\Extensions: [{8f5010e2-9577-4aed-ad42-f2098ea15def}] - C:\Program Files (x86)\LyricsPal\133.xpi
FF Extension: Lyrics-Pal - C:\Program Files (x86)\LyricsPal\133.xpi
FF Extension: Lyrics-Pal - C:\Program Files (x86)\LyricsPal\133.xpi

Chrome: 
=======
CHR HomePage: hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=4658011200000000000016de2bcb2b11
CHR DefaultSearchKeyword: softonic
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=4658011200000000000016de2bcb2b11
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Google Update) - C:\Users\Sandra\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Doko Toolbar) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\edcikfknpchdehdlmjpbofgkoaonaijg\1.6.2_0
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_1
CHR Extension: (Delta Toolbar) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.5.1_0
CHR Extension: (AdBlock) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Whilokii) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0_1
CHR Extension: (MonoChrome) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnlphmmcijokifloflhecnkkhbpdnnk\1.2_0
CHR Extension: (BonanzaDeals) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\4.9.0.9_0
CHR Extension: (AVG Security Toolbar) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.3.0.49_0
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0
CHR Extension: (WeatherBug) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0
CHR Extension: (Google Wallet) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1
CHR Extension: (Gmail) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR Extension: (Lyrics-Pal) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnbbffeddnekkhjmokkhdebbfbibbflc\1.133_0
CHR HKLM-x32\...\Chrome\Extension: [edcikfknpchdehdlmjpbofgkoaonaijg] - C:\Users\Sandra\AppData\Roaming\BabSolution\CR\Doko.crx
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Sandra\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM-x32\...\Chrome\Extension: [iaimhpklononapfjngelgdokckfjekfc] - C:\Program Files (x86)\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx
CHR HKLM-x32\...\Chrome\Extension: [pnbbffeddnekkhjmokkhdebbfbibbflc] - C:\Program Files (x86)\LyricsPal\133.crx

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166424 2012-11-22] (Microsoft Corp.)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-18] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-18] (BonanzaDeals)
R2 FFSOpzSvc; C:\Program Files\Sleep Memory Optimizer\FFSService.exe [141192 2011-09-17] (Acer Incorporated)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219992 2013-06-04] (Garmin Ltd or its subsidiaries)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-02] (Nero AG)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 MsDtsServer110; C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [218600 2012-12-29] (Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [192000 2012-12-29] (Microsoft Corporation)
R2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe [72497640 2012-10-20] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 redmineApache; C:\BitNami\REDMIN~1.3-1\apache2\bin\httpd.exe [22016 2013-07-16] (Apache Software Foundation)
R2 redmineMySQL; C:\BitNami\redmine-2.3.3-1\mysql\bin\mysqld.exe [8151040 2013-05-16] ()
R2 redmineSubversion; C:\BitNami\redmine-2.3.3-1\subversion\scripts\winserv.exe [34304 2012-09-03] ()
R2 redmineThin1; C:\BitNami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe [34304 2012-09-12] ()
R2 redmineThin2; C:\BitNami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe [34304 2012-09-12] ()
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2423792 2012-10-20] (Microsoft Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [137304 2012-02-11] (Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [342104 2012-02-11] (Microsoft Corporation)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [612864 2012-12-29] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-08-30] (TuneUp Software)
S2 Update Whilokii; C:\Program Files (x86)\Whilokii\updateWhilokii.exe [65304 2013-10-05] (Whilokii)
R2 Util Whilokii; C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe [65304 2013-10-20] (Whilokii)
R2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-08] (AVG Secure Search)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-04-25] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2010-04-30] (4G Systems GmbH & Co. KG)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros)
R3 MSSQLFDLauncher; "C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe" -s MSSQL11.MSSQLSERVER [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-13] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2013-04-22] (Mobile Connector)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-07] (Disc Soft Ltd)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-09 21:15 - 2014-01-09 21:19 - 00039234 _____ C:\Users\Sandra\Downloads\FRST.txt
2014-01-09 21:14 - 2014-01-09 21:14 - 01931770 _____ (Farbar) C:\Users\Sandra\Downloads\FRST64 (1).exe
2014-01-09 21:14 - 2014-01-09 21:14 - 00000000 ____D C:\FRST
2014-01-09 21:08 - 2014-01-09 21:09 - 01931770 _____ (Farbar) C:\Users\Sandra\Downloads\FRST64.exe
2014-01-09 21:07 - 2014-01-09 21:07 - 01065947 _____ (Farbar) C:\Users\Sandra\Downloads\FRST.exe
2014-01-08 21:07 - 2014-01-08 21:08 - 42562032 _____ C:\Users\Sandra\Downloads\easetup (4).exe
2014-01-07 20:55 - 2014-01-07 20:55 - 00003288 ____N C:\bootsqm.dat
2014-01-07 20:16 - 2014-01-07 20:16 - 21520384 _____ C:\Windows\system32\config\system.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 174997504 _____ C:\Windows\system32\config\software.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 08306688 _____ C:\Windows\system32\config\default.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 00061440 _____ C:\Windows\system32\config\sam.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 00040960 _____ C:\Windows\system32\config\security.iobit
2014-01-07 13:56 - 2014-01-09 20:33 - 00008098 _____ C:\Windows\PFRO.log
2014-01-07 13:56 - 2014-01-09 20:33 - 00001245 _____ C:\Windows\setupact.log
2014-01-07 13:56 - 2014-01-07 13:56 - 00000000 _____ C:\Windows\setuperr.log
2014-01-02 18:03 - 2014-01-02 18:03 - 00197188 _____ C:\Users\Sandra\Downloads\HTW_M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_V2_WS2013_14_E_26696581.xlsx
2014-01-02 18:03 - 2014-01-02 18:03 - 00192259 _____ C:\Users\Sandra\Downloads\M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_WS2013_14_E_26624875 (5).xlsx
2014-01-02 18:02 - 2014-01-02 18:02 - 00192259 _____ C:\Users\Sandra\Downloads\M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_WS2013_14_E_26624875 (4).xlsx
2014-01-02 18:01 - 2014-01-02 18:01 - 00013662 _____ C:\Users\Sandra\Downloads\Gruppeneinteilung_WS2013_14_26540674.xlsx
2013-12-25 21:59 - 2013-12-25 21:59 - 03622400 _____ C:\Users\Sandra\Downloads\Part_I Swarm Intelligence.ppt
2013-12-12 15:18 - 2013-12-13 00:03 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-12-12 03:08 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 03:08 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 03:08 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 03:08 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 03:05 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:05 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:05 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:05 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:05 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:05 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:05 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:05 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:05 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 03:05 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:05 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:05 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:05 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:05 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:05 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 03:05 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 03:05 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 03:05 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 03:05 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:05 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 03:05 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 03:04 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 03:04 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:04 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 03:04 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:04 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:04 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 03:04 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 03:04 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:04 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 03:04 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 03:02 - 2013-12-12 03:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-12-12 02:40 - 2014-01-09 10:56 - 01330130 _____ C:\Users\Sandra\Documents\WordRqmErrors.log
2013-12-12 02:14 - 2013-12-12 02:26 - 00003147 _____ C:\Users\Sandra\Desktop\Secure Download Manager.lnk
2013-12-12 02:14 - 2013-12-12 02:14 - 00000000 ____D C:\Users\Sandra\AppData\Local\e-academy Inc
2013-12-12 02:13 - 2013-12-12 02:13 - 00719360 _____ C:\Users\Sandra\Downloads\SDM_DE (16).msi
2013-12-12 02:08 - 2013-12-12 02:09 - 00719360 _____ C:\Users\Sandra\Downloads\SDM_DE (15).msi
2013-12-12 01:50 - 2013-12-12 01:50 - 12444447 _____ C:\Users\Sandra\Downloads\DefiningAndDeployingACube_DE (1).wmv
2013-12-12 01:34 - 2013-12-10 20:16 - 00000000 ____D C:\Users\Sandra\Desktop\ETL-Prozesse
2013-12-12 01:25 - 2013-12-12 01:25 - 12444447 _____ C:\Users\Sandra\Downloads\DefiningAndDeployingACube_DE.wmv
2013-12-12 00:34 - 2013-12-12 00:34 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\PowerDesigner
2013-12-12 00:28 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 00:28 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 00:28 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 00:28 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 00:28 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 00:28 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 00:28 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 00:28 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 00:28 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 00:27 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 00:27 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 00:27 - 2011-03-16 14:22 - 00260096 ____N (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX
2013-12-12 00:26 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 00:26 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 00:26 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 00:26 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 00:26 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 00:26 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 00:26 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 00:26 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 00:22 - 2013-12-12 00:41 - 00000000 ____D C:\ProgramData\PowerDesigner 16
2013-12-12 00:22 - 2013-12-12 00:22 - 00000000 ____D C:\Program Files (x86)\Sybase
2013-12-11 21:14 - 2013-12-11 21:14 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-10 16:31 - 2013-12-10 16:45 - 878360600 _____ (Microsoft Corporation) C:\Users\Sandra\Downloads\SSDTBI_VS2012_x86_DEU (2).exe

==================== One Month Modified Files and Folders =======

2014-01-09 21:19 - 2014-01-09 21:15 - 00039234 _____ C:\Users\Sandra\Downloads\FRST.txt
2014-01-09 21:14 - 2014-01-09 21:14 - 01931770 _____ (Farbar) C:\Users\Sandra\Downloads\FRST64 (1).exe
2014-01-09 21:14 - 2014-01-09 21:14 - 00000000 ____D C:\FRST
2014-01-09 21:14 - 2012-04-21 11:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-09 21:12 - 2011-11-27 05:12 - 02047319 _____ C:\Windows\WindowsUpdate.log
2014-01-09 21:09 - 2014-01-09 21:08 - 01931770 _____ (Farbar) C:\Users\Sandra\Downloads\FRST64.exe
2014-01-09 21:07 - 2014-01-09 21:07 - 01065947 _____ (Farbar) C:\Users\Sandra\Downloads\FRST.exe
2014-01-09 20:56 - 2013-08-25 11:23 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000UA.job
2014-01-09 20:51 - 2013-10-18 21:46 - 00000926 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2014-01-09 20:47 - 2009-07-14 05:45 - 00024432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-09 20:47 - 2009-07-14 05:45 - 00024432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-09 20:42 - 2013-12-06 10:57 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2014-01-09 20:39 - 2013-11-19 17:26 - 00000000 ____D C:\ProgramData\VMware
2014-01-09 20:36 - 2013-11-11 19:03 - 00000000 ____D C:\Users\Sandra\AppData\Local\HTC MediaHub
2014-01-09 20:36 - 2013-10-20 19:59 - 00000000 ___RD C:\Users\Sandra\Dropbox
2014-01-09 20:36 - 2013-10-20 19:54 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Dropbox
2014-01-09 20:34 - 2013-10-18 21:46 - 00000922 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2014-01-09 20:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-09 20:33 - 2014-01-07 13:56 - 00008098 _____ C:\Windows\PFRO.log
2014-01-09 20:33 - 2014-01-07 13:56 - 00001245 _____ C:\Windows\setupact.log
2014-01-09 10:56 - 2013-12-12 02:40 - 01330130 _____ C:\Users\Sandra\Documents\WordRqmErrors.log
2014-01-08 23:55 - 2012-08-08 08:46 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Spotify
2014-01-08 23:37 - 2012-08-08 08:46 - 00000000 ____D C:\Users\Sandra\AppData\Local\Spotify
2014-01-08 22:49 - 2013-06-12 19:24 - 00003730 _____ C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-01-08 22:48 - 2012-09-02 14:33 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2014-01-08 21:08 - 2014-01-08 21:07 - 42562032 _____ C:\Users\Sandra\Downloads\easetup (4).exe
2014-01-08 18:45 - 2012-05-23 16:19 - 00000000 ____D C:\Users\Sandra\AppData\Local\CrashDumps
2014-01-08 00:57 - 2013-08-25 11:23 - 00002678 _____ C:\Users\Sandra\Desktop\Google Chrome.lnk
2014-01-07 21:53 - 2012-07-01 13:50 - 00000000 ____D C:\Users\Sandra\Documents\Outlook-Dateien
2014-01-07 21:00 - 2013-12-08 00:13 - 00000000 ____D C:\Users\MSSQLFDLauncher
2014-01-07 20:55 - 2014-01-07 20:55 - 00003288 ____N C:\bootsqm.dat
2014-01-07 20:41 - 2013-10-30 21:16 - 02041892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-07 20:41 - 2011-11-27 13:54 - 00870162 _____ C:\Windows\system32\perfh007.dat
2014-01-07 20:41 - 2011-11-27 13:54 - 00214054 _____ C:\Windows\system32\perfc007.dat
2014-01-07 20:41 - 2009-07-14 06:13 - 02041892 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-07 20:16 - 2014-01-07 20:16 - 21520384 _____ C:\Windows\system32\config\system.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 174997504 _____ C:\Windows\system32\config\software.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 08306688 _____ C:\Windows\system32\config\default.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 00061440 _____ C:\Windows\system32\config\sam.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 00040960 _____ C:\Windows\system32\config\security.iobit
2014-01-07 20:16 - 2013-12-08 00:16 - 00000000 ____D C:\Users\ReportServer
2014-01-07 20:16 - 2013-12-08 00:16 - 00000000 ____D C:\Users\MSSQLServerOLAPService
2014-01-07 20:16 - 2013-12-08 00:14 - 00000000 ____D C:\Users\MsDtsServer110
2014-01-07 20:16 - 2013-12-08 00:13 - 00000000 ____D C:\Users\MSSQLSERVER
2014-01-07 20:16 - 2012-04-21 10:05 - 00000000 ____D C:\Users\Sandra
2014-01-07 15:56 - 2013-08-25 11:23 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000Core.job
2014-01-07 14:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-07 13:56 - 2014-01-07 13:56 - 00000000 _____ C:\Windows\setuperr.log
2014-01-06 09:45 - 2013-06-06 18:08 - 00000000 ____D C:\Windows\SysWOW64\WNLT
2014-01-04 16:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-02 18:03 - 2014-01-02 18:03 - 00197188 _____ C:\Users\Sandra\Downloads\HTW_M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_V2_WS2013_14_E_26696581.xlsx
2014-01-02 18:03 - 2014-01-02 18:03 - 00192259 _____ C:\Users\Sandra\Downloads\M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_WS2013_14_E_26624875 (5).xlsx
2014-01-02 18:02 - 2014-01-02 18:02 - 00192259 _____ C:\Users\Sandra\Downloads\M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_WS2013_14_E_26624875 (4).xlsx
2014-01-02 18:01 - 2014-01-02 18:01 - 00013662 _____ C:\Users\Sandra\Downloads\Gruppeneinteilung_WS2013_14_26540674.xlsx
2013-12-30 20:54 - 2013-06-06 18:08 - 00000000 ____D C:\Windows\SysWOW64\ARFC
2013-12-25 21:59 - 2013-12-25 21:59 - 03622400 _____ C:\Users\Sandra\Downloads\Part_I Swarm Intelligence.ppt
2013-12-25 20:58 - 2012-05-20 23:18 - 00000000 ____D C:\Users\Sandra\Filme
2013-12-20 09:46 - 2013-08-15 19:23 - 00001073 _____ C:\Windows\wininit.ini
2013-12-20 09:45 - 2013-10-20 19:59 - 00001025 _____ C:\Users\Sandra\Desktop\Dropbox.lnk
2013-12-20 09:45 - 2013-10-20 19:55 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-12-20 09:45 - 2012-04-21 10:06 - 00000000 ___RD C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-18 16:42 - 2012-04-23 09:05 - 00000000 ____D C:\Users\Sandra\AppData\Local\Adobe
2013-12-18 16:42 - 2012-04-21 10:13 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Adobe
2013-12-18 16:31 - 2013-08-07 18:33 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-18 16:31 - 2013-08-07 18:32 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-18 16:31 - 2013-08-07 18:32 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-17 19:35 - 2013-08-17 00:35 - 00000000 ____D C:\Windows\system32\MRT
2013-12-17 19:21 - 2012-04-21 11:32 - 00000272 _____ C:\Windows\lgfwup.ini
2013-12-17 19:21 - 2012-04-21 11:32 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate
2013-12-17 12:12 - 2012-05-24 09:07 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Skype
2013-12-15 17:52 - 2013-11-22 00:25 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-12-15 17:34 - 2012-04-21 19:28 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-13 00:03 - 2013-12-12 15:18 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-12-12 13:54 - 2009-07-14 05:45 - 00466096 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 10:44 - 2013-09-25 15:45 - 00000000 ____D C:\Users\Sandra\Desktop\Masterstudium
2013-12-12 03:08 - 2012-04-21 11:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 03:02 - 2013-12-12 03:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-12-12 02:26 - 2013-12-12 02:14 - 00003147 _____ C:\Users\Sandra\Desktop\Secure Download Manager.lnk
2013-12-12 02:14 - 2013-12-12 02:14 - 00000000 ____D C:\Users\Sandra\AppData\Local\e-academy Inc
2013-12-12 02:13 - 2013-12-12 02:13 - 00719360 _____ C:\Users\Sandra\Downloads\SDM_DE (16).msi
2013-12-12 02:09 - 2013-12-12 02:08 - 00719360 _____ C:\Users\Sandra\Downloads\SDM_DE (15).msi
2013-12-12 02:06 - 2013-10-16 15:47 - 00000000 _____ C:\Users\Sandra\Downloads\SecureDownloadManager.log
2013-12-12 02:03 - 2013-10-30 20:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-12-12 01:59 - 2013-10-30 20:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-12-12 01:50 - 2013-12-12 01:50 - 12444447 _____ C:\Users\Sandra\Downloads\DefiningAndDeployingACube_DE (1).wmv
2013-12-12 01:25 - 2013-12-12 01:25 - 12444447 _____ C:\Users\Sandra\Downloads\DefiningAndDeployingACube_DE.wmv
2013-12-12 00:41 - 2013-12-12 00:22 - 00000000 ____D C:\ProgramData\PowerDesigner 16
2013-12-12 00:34 - 2013-12-12 00:34 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\PowerDesigner
2013-12-12 00:23 - 2011-10-21 02:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-12 00:22 - 2013-12-12 00:22 - 00000000 ____D C:\Program Files (x86)\Sybase
2013-12-11 21:14 - 2013-12-11 21:14 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 21:14 - 2012-04-21 11:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 21:14 - 2012-04-21 11:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 21:14 - 2011-10-21 02:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 23:22 - 2013-10-30 21:43 - 00000000 ____D C:\Users\Sandra\Documents\SQL Server Management Studio
2013-12-10 20:16 - 2013-12-12 01:34 - 00000000 ____D C:\Users\Sandra\Desktop\ETL-Prozesse
2013-12-10 16:45 - 2013-12-10 16:31 - 878360600 _____ (Microsoft Corporation) C:\Users\Sandra\Downloads\SSDTBI_VS2012_x86_DEU (2).exe

Some content of TEMP:
====================
C:\Users\Sandra\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-01 23:07

==================== End Of Log ============================
         

Alt 10.01.2014, 21:51   #4
orchidee12
 
and here is the Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2014 01
Ran by Sandra at 2014-01-09 21:20:33
Running from C:\Users\Sandra\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (x32 Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00 - CyberLink Corp.) Hidden
Acer Deep Sleep Settings (x32 Version: 1.00.3008 - Acer Incorporated)
Acer ePower Management (x32 Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 5.00.3504 - Acer Incorporated)
Acer Registration (x32 Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0902.2011 - Acer Incorporated)
Acer Updater (x32 Version: 1.02.3500 - Acer Incorporated)
Acer VCM (x32 Version: 4.05.3501 - Acer Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.2 64-bit (Version: 5.2.1 - Adobe)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Advanced SystemCare 6 (x32 Version: 6.0 - IObit)
AppsHat Mobile Apps (HKCU Version: 1.0.0.0 - Somoto Ltd.) <==== ATTENTION
Atheros Bluetooth Suite (64) (Version: 7.04.000.98 - Atheros)
Atheros Driver Installation Program (x32 Version: 9.0 - Atheros)
AVG Security Toolbar (x32 Version: 17.3.0.49 - AVG Technologies)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Axure RP Pro 6.5 (x32 Version: 6.5.0.3055 - Axure Software Solutions, Inc.)
Axure RP Pro 6.5 (x32 Version: 6.5.0.3055 - Axure Software Solutions, Inc.) Hidden
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bing-Desktop (x32 Version: 1.2.126.0 - Microsoft Corporation)
BitNami Redmine Stack (x32 Version: 2.3.3-1 - BitNami)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Bonanza Deals (remove only) (x32 Version: 5.0.1.0 - Bonanza Deals) <==== ATTENTION
Bundled software uninstaller (x32 Version:  - ) <==== ATTENTION
Cisco AnyConnect Secure Mobility Client  (x32 Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7 - Cisco Systems, Inc.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (x32 Version: 1.00.3500 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
Delta Chrome Toolbar (x32 Version:  - Visual Tools) <==== ATTENTION
Delta toolbar   (x32 Version: 1.8.24.5 - Delta) <==== ATTENTION
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Doko Chrome Toolbar (x32 Version:  - Doko Toolbar)
Dolby Home Theater v4 (x32 Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKCU Version: 2.4.10 - Dropbox, Inc.)
eDocPrintPro v3.17.7 (Version: 3.17.7 - MAY-Computer)
Elevated Installer (x32 Version: 2.2.10 - Garmin Ltd or its subsidiaries) Hidden
Enterprise Architect 10  - 30 Day Trial Edition (x32 Version: 10.00.1009.8 - Sparx Systems)
Entity Framework Designer für Visual Studio 2012 - DEU (x32 Version: 11.1.20702.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (x32 Version: 11.0.2100.60 - Microsoft Corporation)
ETDWare PS/2-X64 10.0.6.3_WHQL (Version: 10.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (x32 Version: 4.5.1.5451 - Evernote Corp.)
Extended Update (HKCU Version:  - )
FileZilla Client 3.7.2 (HKCU Version: 3.7.2 - Tim Kosse)
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube Download version 3.1.35.903 (x32 Version: 3.1.35.903 - DVDVideoSoft Ltd.)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotogràfica (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GanttProject (x32 Version:  - )
Garmin Express (x32 Version: 2.2.10 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.2.10 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (x32 Version: 2.2.10 - Garmin Ltd or its subsidiaries) Hidden
GDR 3128 für SQL Server 2012 (KB2793634) (64-bit) (Version: 11.1.3128.0 - Microsoft Corporation)
GDR 3128 für SQL Server 2012 (KB2793634) (x32 Version: 11.1.3128.0 - Microsoft Corporation)
Google Chrome (HKCU Version: 32.0.1700.72 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
gs_x64 (Version: 9.05 - MAY-Computer)
HTC Driver Installer (x32 Version: 4.8.0.002 - HTC Corporation)
HTC Sync Manager (x32 Version: 2.3.32.0 - HTC)
IBM SPSS Statistics 20 (x32 Version: 20.0.0.1 - IBM Corp)
Identity Card (x32 Version: 1.00.3501 - Acer Incorporated)
IIS 8.0 Express (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (Version:  - )
IIS Express Application Compatibility Database for x86 (Version:  - )
ImgBurn (x32 Version: 2.5.0.0 - LIGHTNING UK!)
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.2.18.0 (x32 Version: 1.2.18.0 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2476 - Intel Corporation)
Intel(R) Rapid Start Technology (x32 Version: 1.0.0.1008 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002 - Intel Corporation)
Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
IPTInstaller (x32 Version: 4.0.8 - HTC)
IrfanView (remove only) (x32 Version: 4.32 - Irfan Skiljan)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 5.1.4 - Acer Inc.)
LG CyberLink LabelPrint (x32 Version: 2.5.3109 - CyberLink Corp.)
LG CyberLink LabelPrint (x32 Version: 2.5.3109 - CyberLink Corp.) Hidden
LG CyberLink Power2Go (x32 Version: 6.2.4009 - CyberLink Corp.)
LG CyberLink Power2Go (x32 Version: 6.2.4009 - CyberLink Corp.) Hidden
LG CyberLink PowerBackup (x32 Version: 2.5.5529 - CyberLink Corp.)
LG CyberLink YouCam (x32 Version: 2.0.3304a - CyberLink Corp.)
LG CyberLink YouCam (x32 Version: 2.0.3304a - CyberLink Corp.) Hidden
LG ODD Auto Firmware Update (x32 Version: 10.01.0712.01 - )
LG Power Tools (x32 Version: 6.0.3316 - CyberLink Corp.)
LG Power Tools (x32 Version: 6.0.3316 - CyberLink Corp.) Hidden
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
Lyrics-Pal (x32 Version:  - LyricsPal Soft. LTD) <==== ATTENTION
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (x32 Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 - DEU (x32 Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update - DEU (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (x32 Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - DEU (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime - DEU (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - DEU (x32 Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools - DEU (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (x32 Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - DEU (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime - DEU (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch für Visual Studio 2012 CoreRes - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 2010 Primary Interop Assemblies (x32 Version: 14.0.4763.1024 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Report Viewer 2012-Laufzeit (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On für Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (x32 Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (x32 Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-Bit) (Version:  - ) Hidden
Microsoft SQL Server 2012 (64-Bit) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 (x32 Version:  - ) Hidden
Microsoft SQL Server 2012 (x32 Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.1.2816.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x32 Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 RS-Add-In für SharePoint  (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 RsFx Driver (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Setup (English) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012-Richtlinien  (x32 Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012-Setup (Deutsch) (x32 Version: 11.1.3369.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (x32 Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (x32 Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (x32 Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x32 Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - DEU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package (x32 Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Integrated) - DEU (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTraceFrontEndLoc (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTraceLoc (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTraceLoc (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools DEU Language Pack (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Isolated) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Isolated) (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2012 Shell (Isolated) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Isoliert) Language Pack - DEU (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2012 Shell (Isoliert) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools für SQL Server Compact 4.0 SP1 DEU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012-Leistungserfassungstools - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012-Leistungserfassungstools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012-Vorbereitung (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio ProjectAggregator2 (x32 Version: 1.0 - Microsoft Corporation)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 (x32 Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Design-Time - DEU-Sprachpaket (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 Design-Time - ENU Language Pack (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 Design-Time - Language Pack ITA (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 Design-Time - Module linguistique Français (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 Design-Time - Paquete de idioma ESN (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 Design-Time - 한국어 언어 팩 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 Design-Time - 日本語 Language Pack (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 Design-Time (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 Finalizer (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 Language Support - ENU Language Pack (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 Language Support (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 Language Support (x32 Version: 11.0.50727.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Language Support Finalizer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support  - Module linguistique Français (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 한국어 언어 팩 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 日本語 Language Pack (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 主控支援 - 繁體中文語言套件 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 托管支持 - 简体中文语言包 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 한국어 언어 팩 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 日本語 Language Pack (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 主控支援 - 繁體中文語言套件 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 托管支持 - 简体中文语言包 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 設計階段 - 繁體中文語言套件 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 设计时 - 简体中文语言包 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications Design-Time 3.0 - DEU Language Pack (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (x32 Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 - DEU Language Pack (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 - DEU Language Pack (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (x32 Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft VSS Writer für SQL Server 2012 (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (x32 Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools - Visual Studio 2012 - DEU (x32 Version: 1.0.30710.0 - Microsoft Corporation) Hidden
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 4.0 (Version: 4.0.1622 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x32 Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (Version: 11.1.3000.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 24.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Nightly 15.0a1 (x86 en-US) (x32 Version: 15.0a1 - Mozilla)
Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation)
OpenOffice 4.0.0 (x32 Version: 4.00.9702 - Apache Software Foundation)
OpenStat Version 11.9.08 (x32 Version:  - WGM Consulting)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 Design-Time - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF24 Creator 5.2.0 (x32 Version:  - PDF24.org)
PDFCreator (x32 Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
pdfsam (HKCU Version: 2.2.1 - )
PDF-ShellTools beta 1.0.0.8 (x32 Version:  - RTT)
PDF-Viewer (Version: 2.5.205.0 - Tracker Software Products Ltd)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Qualcomm Atheros Fast Reconnect (x32 Version: 1.0 - QualComm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7601.39013 - Realtek Semiconductor Corp.)
Secure Download Manager (x32 Version: 3.1.40 - Kivuto Solutions Inc.)
Service Pack 1 für SQL Server 2012 (KB2674319) (64-bit) (Version: 11.1.3000.0 - Microsoft Corporation)
Service Pack 1 für SQL Server 2012 (KB2674319) (x32 Version: 11.1.3000.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (x32 Version: 1.0.0 - Microsoft)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
simfy (x32 Version: 1.7.3 - simfy AG)
simfy (x32 Version: 1.7.3 - simfy AG) Hidden
Skype™ 6.0 (x32 Version: 6.0.126 - Skype Technologies S.A.)
Sleep Memory Optimizer (x32 Version: 1.00.3004 - Acer Incorporated)
Softonic toolbar  on IE and Chrome (x32 Version: 1.8.21.14 - Softonic) <==== ATTENTION
Songr (HKCU Version: 2.0.2172 - Xamasoft)
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)
SQL Server 2012 Analysis Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 BI Development Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data Tools - BI for Visual Studio 2012 (x32 Version: 11.1.3369.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Distributed Replay (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Integration Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Master Data Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 RS_SharePoint_SharedService (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (x32 Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SSIS 64Bit For SSDTBI VS2012 (Version: 11.1.3369.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2012 (x32 Version: 11.1.3000.0 - Microsoft Corporation)
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007 - SweetIM Technologies Ltd.) <==== ATTENTION
SweetPacks bundle uninstaller (x32 Version: 1.0.0001 - SweetIM Technologies Ltd.) <==== ATTENTION
Sybase PowerDesigner 16.5 (x32 Version: 16.5.3982 - SAP)
TeamViewer 7 (x32 Version: 7.0.12979 - TeamViewer)
tools-windows (x32 Version: 9.6.0.1295980 - VMware, Inc.) Hidden
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (Version: 10.1.2731.0 - Microsoft Corporation)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (x32 Version: 10.1.2731.0 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Visual Rules Modeler 6.0 (x32 Version: 6.0.0 - Bosch Software Innovations GmbH)
Visual Studio 2010 Prerequisites - English (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2012 Prerequisites - DEU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VMware Player (Version: 6.0.0 - VMware, Inc.) Hidden
VMware Player (x32 Version: 6.0.0 - VMware, Inc)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (x32 Version: 4.1.61829.0 - Microsoft Corporation)
Welcome Center (x32 Version: 1.02.3504 - Acer Incorporated)
Whilokii 1.0.0 (Version: 1.0.0 - Whilokii) <==== ATTENTION
Windows App Certification Kit Native Components (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - de-de (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (Version: 5.01.0 - win.rar GmbH)
XSManager (x32 Version: 3.2 - XSManager)
Zotero Standalone 3.0.7 (x86 en-US) (x32 Version: 3.0.7 - Zotero)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3505.0912 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для среды разработки набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

04-01-2014 15:51:44 Geplanter Prüfpunkt
07-01-2014 19:34:00 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04EA484B-3BE3-4506-9B10-E51DE42F90CC} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {1002B586-BD07-431A-87C1-5944275307CC} - System32\Tasks\BonanzaDealsUpdate => C:\Program <==== ATTENTION
Task: {292381C3-FBAB-4E21-B804-8DF3A284758A} - System32\Tasks\Google Updater and Installer => C:\Users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-25] (Google Inc.)
Task: {36D88C33-3AC4-40DB-A2AD-DFDB7945A0A0} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-18] (BonanzaDeals) <==== ATTENTION
Task: {39D7F530-A391-4859-B717-CDFA7AB683F6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {44D0C891-57C2-4EF1-AA08-26AFDDAF9823} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000Core => C:\Users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-25] (Google Inc.)
Task: {60C323C4-AB4B-4837-BCE9-31B32AE82608} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-09-05] (Adobe Systems Incorporated)
Task: {6A61536D-89E5-4C7F-875D-63EEC388D1B6} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe [2012-10-29] (IObit)
Task: {79604EC1-AE4E-475F-AC79-5682C8480986} - System32\Tasks\ASC6_AutoClean => C:\Program Files (x86)\IObit\Advanced SystemCare 6\AutoSweep.exe [2012-09-26] (IObit)
Task: {83047CC7-1D8C-4307-8F62-170725D1826C} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-18] (BonanzaDeals) <==== ATTENTION
Task: {8486B674-610D-40EB-A507-A102EE4AC43F} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {9D3ABF8C-3EA6-476A-96C1-1C8096561155} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {AF1F8E3E-5114-4A8D-A915-EC8CFFB59559} - System32\Tasks\EPUpdater => C:\Users\Sandra\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-09-01] () <==== ATTENTION
Task: {B1399F48-4232-4A74-A198-F87CCB7AD2C1} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-10-26] ()
Task: {B329CF4C-7079-4BFB-956E-364F0133CAFD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000UA => C:\Users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-25] (Google Inc.)
Task: {DA02A5B7-AA2B-4894-8BB3-1CFE3EE2E229} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-08-30] (TuneUp Software)
Task: {F959C73D-E613-4A54-A7F5-E07294EA2063} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000Core.job => C:\Users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000UA.job => C:\Users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-11-27 13:39 - 2011-08-09 16:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-10 22:48 - 2013-10-10 22:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-08-07 18:32 - 2013-08-07 18:18 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2012-12-24 14:18 - 2012-10-30 15:37 - 00348032 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl
2012-12-24 14:18 - 2012-10-30 15:37 - 00182656 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl
2012-12-24 14:18 - 2012-10-30 15:37 - 00050048 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl
2013-08-15 19:22 - 2013-08-22 11:02 - 00187888 _____ () C:\Users\Sandra\AppData\Roaming\BabSolution\Shared\enhancedNT.dll
2013-10-17 16:40 - 2013-10-17 16:40 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-10-17 16:40 - 2013-10-17 16:40 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-10-17 16:40 - 2013-10-17 16:40 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-10-17 16:40 - 2013-10-17 16:40 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-10-17 16:40 - 2013-10-17 16:40 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-10-17 16:42 - 2013-10-17 16:42 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2013-10-17 16:43 - 2013-10-17 16:43 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Sandra\AppData\Roaming\Dropbox\bin\libcef.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2014-01-08 22:48 - 2014-01-08 22:48 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
2013-08-06 18:43 - 2013-08-06 18:43 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2013-10-12 15:47 - 2013-07-13 13:04 - 00113152 _____ () C:\BitNami\REDMIN~1.3-1\apache2\bin\pcre.dll
2013-10-12 15:47 - 2013-06-29 12:48 - 00067584 _____ () C:\BitNami\REDMIN~1.3-1\apache2\bin\zlib1.dll
2013-10-12 15:48 - 2013-09-18 22:00 - 00097792 _____ () C:\BitNami\redmine-2.3.3-1\php\libpq.dll
2013-10-12 15:48 - 2012-03-02 13:41 - 00025088 _____ () C:\BitNami\redmine-2.3.3-1\php\php5apache2_4.dll
2013-10-12 15:49 - 2012-05-27 16:10 - 00013312 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2013-10-12 15:49 - 2012-05-27 16:10 - 00010752 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2013-10-12 15:49 - 2012-05-27 16:11 - 00015360 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2013-10-12 15:49 - 2012-05-27 16:19 - 00036352 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\pathname.so
2013-10-12 15:49 - 2012-05-27 16:10 - 00009728 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2013-10-12 15:49 - 2012-05-27 16:12 - 00015872 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2013-10-12 15:49 - 2012-05-27 16:12 - 00096768 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2013-10-12 15:49 - 2012-05-27 16:18 - 00010240 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\etc.so
2013-10-12 15:49 - 2012-05-27 16:17 - 00009216 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\digest\sha1.so
2013-10-12 15:49 - 2012-05-27 16:16 - 00016384 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\digest.so
2013-10-12 15:49 - 2012-05-27 16:20 - 00023552 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\strscan.so
2013-10-12 15:49 - 2012-05-27 16:19 - 00025600 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\psych.so
2013-10-12 15:49 - 2012-05-27 16:24 - 00358439 _____ () C:\BitNami\redmine-2.3.3-1\ruby\bin\libyaml-0-2.dll
2013-10-12 15:49 - 2012-05-27 16:20 - 00029184 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\stringio.so
2013-10-12 15:49 - 2012-05-27 16:16 - 00193024 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\date_core.so
2013-10-12 15:49 - 2012-05-27 16:19 - 00307200 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\openssl.so
2013-10-12 15:49 - 2012-05-27 16:24 - 00083968 _____ () C:\BitNami\redmine-2.3.3-1\ruby\bin\ZLIB1.dll
2013-10-12 15:49 - 2012-05-27 16:18 - 00008704 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2013-10-12 15:57 - 2013-10-12 15:57 - 06313319 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\gems\1.9.1\gems\eventmachine-1.0.0-x86-mingw32\lib\1.9\rubyeventmachine.so
2013-10-12 15:49 - 2012-05-27 16:20 - 00127488 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\socket.so
2013-10-12 15:49 - 2012-05-27 16:17 - 00091648 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\dl.so
2013-10-12 15:49 - 2012-05-27 16:18 - 00017920 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2013-10-12 15:49 - 2012-05-27 16:24 - 00127316 _____ () C:\BitNami\redmine-2.3.3-1\ruby\bin\libffi-6.dll
2013-10-12 15:58 - 2013-10-12 15:58 - 00022016 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\gems\1.9.1\gems\thin-1.3.1\lib\thin_parser.so
2013-10-12 15:49 - 2012-05-27 16:16 - 00098816 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\bigdecimal.so
2013-10-12 15:57 - 2013-10-12 15:57 - 00142601 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\gems\1.9.1\gems\mysql2-0.3.11-x86-mingw32\lib\mysql2\mysql2.so
2013-10-12 15:49 - 2013-05-16 18:42 - 04005376 _____ () C:\BitNami\redmine-2.3.3-1\ruby\bin\libmysql.dll
2013-10-12 15:49 - 2012-05-27 16:19 - 00019456 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\racc\cparse.so
2013-10-12 15:57 - 2013-10-12 15:57 - 00024576 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\gems\1.9.1\gems\json-1.7.7\lib\json\ext\parser.so
2013-10-12 15:49 - 2012-05-27 16:10 - 00010240 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2013-10-12 15:49 - 2012-05-27 16:10 - 00009216 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2013-10-12 15:49 - 2012-05-27 16:10 - 00009216 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2013-10-12 15:57 - 2013-10-12 15:57 - 00029696 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\gems\1.9.1\gems\json-1.7.7\lib\json\ext\generator.so
2013-10-12 15:49 - 2012-05-27 16:23 - 00074240 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\zlib.so
2013-10-12 15:49 - 2012-05-27 16:16 - 00009216 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\digest\md5.so
2013-10-12 15:49 - 2012-05-27 16:17 - 00009216 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\1.9.1\i386-mingw32\digest\sha2.so
2013-10-12 15:58 - 2013-10-12 15:58 - 01232919 _____ () C:\BitNami\redmine-2.3.3-1\ruby\lib\ruby\gems\1.9.1\gems\rmagick-2.13.1\lib\RMagick2.so
2013-10-12 15:49 - 2009-09-05 16:47 - 00729088 _____ () C:\BitNami\redmine-2.3.3-1\imagemagick\X11.dll
2013-10-12 15:49 - 2009-10-03 19:48 - 00166912 _____ () C:\BitNami\redmine-2.3.3-1\imagemagick\CORE_RL_lcms_.dll
2013-10-12 15:49 - 2009-10-03 20:08 - 00012288 _____ () C:\BitNami\redmine-2.3.3-1\imagemagick\modules\coders\IM_MOD_RL_gray_.dll
2014-01-08 00:57 - 2014-01-07 05:04 - 00715544 _____ () C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.72\libglesv2.dll
2014-01-08 00:57 - 2014-01-07 05:04 - 00100120 _____ () C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.72\libegl.dll
2014-01-08 00:57 - 2014-01-07 05:05 - 04055320 _____ () C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll
2014-01-08 00:57 - 2014-01-07 05:05 - 00399640 _____ () C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll
2014-01-08 00:57 - 2014-01-07 05:04 - 01634584 _____ () C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.72\ffmpegsumo.dll
2013-10-25 10:31 - 2013-10-25 10:31 - 00337920 _____ () C:\Program Files (x86)\Whilokii\bin\sqlite3.DLL
2014-01-08 00:57 - 2014-01-07 05:05 - 13615896 _____ () C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll
2013-08-27 12:42 - 2013-08-27 12:42 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Sandra\Desktop\Währungskurs DWS.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Sandra\Desktop\Währungskurs DWS.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/08/2014 06:45:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 32.0.1700.72, Zeitstempel: 0x52cb57db
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x1dd0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (01/08/2014 06:43:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 32.0.1700.72, Zeitstempel: 0x52cb57db
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x15d0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (01/07/2014 09:00:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AutoKMS.exe, Version: 2.4.7.0, Zeitstempel: 0x51fd032f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x658
Startzeit der fehlerhaften Anwendung: 0xAutoKMS.exe0
Pfad der fehlerhaften Anwendung: AutoKMS.exe1
Pfad des fehlerhaften Moduls: AutoKMS.exe2
Berichtskennung: AutoKMS.exe3

Error: (01/07/2014 08:59:04 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei ..(System.String, ., System.String, System.String)
   bei ...ctor()
   bei ..(.)
   bei ..()

Error: (01/07/2014 08:34:01 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
TraverseDir : Unable to push subdirectory.

System Error:
Unbekannter Fehler
.

Error: (01/07/2014 08:33:59 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
TraverseDir : Unable to push subdirectory.

System Error:
Unbekannter Fehler
.

Error: (01/07/2014 02:20:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AutoKMS.exe, Version: 2.4.7.0, Zeitstempel: 0x51fd032f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x668
Startzeit der fehlerhaften Anwendung: 0xAutoKMS.exe0
Pfad der fehlerhaften Anwendung: AutoKMS.exe1
Pfad des fehlerhaften Moduls: AutoKMS.exe2
Berichtskennung: AutoKMS.exe3

Error: (01/07/2014 02:20:03 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei ..(System.String, ., System.String, System.String)
   bei ...ctor()
   bei ..(.)
   bei ..()

Error: (01/07/2014 08:55:15 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: BackupManagerTray.exe, Version: 3.0.0.99, Zeitstempel: 0x4db2a608
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000063
ID des fehlerhaften Prozesses: 0xe4c
Startzeit der fehlerhaften Anwendung: 0xBackupManagerTray.exe0
Pfad der fehlerhaften Anwendung: BackupManagerTray.exe1
Pfad des fehlerhaften Moduls: BackupManagerTray.exe2
Berichtskennung: BackupManagerTray.exe3

Error: (01/06/2014 09:48:39 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AutoKMS.exe, Version: 2.4.7.0, Zeitstempel: 0x51fd032f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x654
Startzeit der fehlerhaften Anwendung: 0xAutoKMS.exe0
Pfad der fehlerhaften Anwendung: AutoKMS.exe1
Pfad des fehlerhaften Moduls: AutoKMS.exe2
Berichtskennung: AutoKMS.exe3


System errors:
=============
Error: (01/09/2014 08:39:18 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (01/09/2014 08:39:18 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (01/09/2014 08:38:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update Whilokii" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/09/2014 08:38:01 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Update Whilokii erreicht.

Error: (01/09/2014 08:35:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SQL Server Integration Services 11.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/09/2014 08:35:37 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SQL Server Integration Services 11.0 erreicht.

Error: (01/09/2014 08:34:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/09/2014 08:34:52 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (01/09/2014 11:29:08 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Garmin Core Update Service erreicht.

Error: (01/09/2014 10:25:14 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80


Microsoft Office Sessions:
=========================
Error: (01/08/2014 06:45:33 PM) (Source: Application Error)(User: )
Description: chrome.exe32.0.1700.7252cb57dbntdll.dll6.1.7601.18247521ea8e7c0000374000ce7531dd001cf0c99411cfa66C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\SysWOW64\ntdll.dllabe1e0de-788c-11e3-ac7c-005056c00008

Error: (01/08/2014 06:43:53 PM) (Source: Application Error)(User: )
Description: chrome.exe32.0.1700.7252cb57dbntdll.dll6.1.7601.18247521ea8e7c0000374000ce75315d001cf0c9772eb7a9cC:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\SysWOW64\ntdll.dll7059485a-788c-11e3-ac7c-005056c00008

Error: (01/07/2014 09:00:17 PM) (Source: Application Error)(User: )
Description: AutoKMS.exe2.4.7.051fd032fKERNELBASE.dll6.1.7601.1822951fb1677e0434352000000000000940d65801cf0be298d36befC:\Windows\AutoKMS\AutoKMS.exeC:\Windows\system32\KERNELBASE.dll54272329-77d6-11e3-ac7c-005056c00008

Error: (01/07/2014 08:59:04 PM) (Source: .NET Runtime)(User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei ..(System.String, ., System.String, System.String)
   bei ...ctor()
   bei ..(.)
   bei ..()

Error: (01/07/2014 08:34:01 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
TraverseDir : Unable to push subdirectory.

System Error:
Unbekannter Fehler

Error: (01/07/2014 08:33:59 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
TraverseDir : Unable to push subdirectory.

System Error:
Unbekannter Fehler

Error: (01/07/2014 02:20:07 PM) (Source: Application Error)(User: )
Description: AutoKMS.exe2.4.7.051fd032fKERNELBASE.dll6.1.7601.1822951fb1677e0434352000000000000940d66801cf0ba7f1acd13fC:\Windows\AutoKMS\AutoKMS.exeC:\Windows\system32\KERNELBASE.dll6cf491da-779e-11e3-ac4b-005056c00008

Error: (01/07/2014 02:20:03 PM) (Source: .NET Runtime)(User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Runtime.InteropServices.COMException
Stapel:
   bei ..(System.String, ., System.String, System.String)
   bei ...ctor()
   bei ..(.)
   bei ..()

Error: (01/07/2014 08:55:15 AM) (Source: Application Error)(User: )
Description: BackupManagerTray.exe3.0.0.994db2a608unknown0.0.0.000000000c000000500000063e4c01cf0abbb5b4680aC:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exeunknown0a7d7eee-7771-11e3-ae6d-005056c00008

Error: (01/06/2014 09:48:39 AM) (Source: Application Error)(User: )
Description: AutoKMS.exe2.4.7.051fd032fKERNELBASE.dll6.1.7601.1822951fb1677e0434352000000000000940d65401cf0abba23cc92fC:\Windows\AutoKMS\AutoKMS.exeC:\Windows\system32\KERNELBASE.dll55b0b378-76af-11e3-ae6d-005056c00008


==================== Memory info =========================== 

Percentage of memory in use: 81%
Total physical RAM: 3946.19 MB
Available physical RAM: 745.99 MB
Total Pagefile: 7890.56 MB
Available Pagefile: 3347.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:282.85 GB) (Free:87.4 GB) NTFS
Drive d: (VS2012_ULT_MSDN_DEU) (CDROM) (Total:1.54 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 1BBF3311)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 19 GB) (Disk ID: 1BBF333F)
Partition 1: (Not Active) - (Size=19 GB) - (Type=84)

==================== End Of Log ============================
         

Alt 11.01.2014, 14:17   #5
schrauber
/// the machine
/// TB-Ausbilder
 


Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 12.01.2014, 16:43   #6
orchidee12
 

and here is the Combofix.txt

Code:
ComboFix 14-01-08.03 - Sandra 12.01.2014  17:02:42.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3946.1700 [GMT 1:00]
ausgeführt von:: c:\users\Sandra\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\LyricsPal
c:\program files (x86)\LyricsPal\01.crx
c:\program files (x86)\LyricsPal\01a.xpi
c:\program files (x86)\LyricsPal\133.crx
c:\program files (x86)\LyricsPal\133.dat
c:\program files (x86)\LyricsPal\133.xpi
c:\program files (x86)\LyricsPal\sqlite3.dll
c:\program files (x86)\LyricsPal\Uninstall.exe
c:\users\Sandra\AppData\Local\assembly\tmp
c:\users\Sandra\AppData\Local\Minibar
c:\users\Sandra\AppData\Local\Minibar\chrome.pem
c:\users\Sandra\AppData\Local\Minibar\chrome\background.html
c:\users\Sandra\AppData\Local\Minibar\chrome\cached_http_request.js
c:\users\Sandra\AppData\Local\Minibar\chrome\extension_info.json
c:\users\Sandra\AppData\Local\Minibar\chrome\icons\icon128.png
c:\users\Sandra\AppData\Local\Minibar\chrome\icons\icon19.png
c:\users\Sandra\AppData\Local\Minibar\chrome\icons\icon32.png
c:\users\Sandra\AppData\Local\Minibar\chrome\icons\icon48.png
c:\users\Sandra\AppData\Local\Minibar\chrome\includes\content.js
c:\users\Sandra\AppData\Local\Minibar\chrome\includes\content_kango.js
c:\users\Sandra\AppData\Local\Minibar\chrome\includes\content_menu.js
c:\users\Sandra\AppData\Local\Minibar\chrome\includes\content_messaging.js
c:\users\Sandra\AppData\Local\Minibar\chrome\includes\content_pageutils.js
c:\users\Sandra\AppData\Local\Minibar\chrome\includes\content_popup.js
c:\users\Sandra\AppData\Local\Minibar\chrome\includes\content_toolbar.js
c:\users\Sandra\AppData\Local\Minibar\chrome\includes\content_toolbar_customfixes.js
c:\users\Sandra\AppData\Local\Minibar\chrome\includes\content_userscript.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango-ui\button.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango-ui\toolbar.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango-ui\ui.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango\browser.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango\console.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango\event_listener.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango\initialize.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango\io.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango\jsonstorage.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango\kango.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango\lang.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango\messaging.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango\userscript_engine.js
c:\users\Sandra\AppData\Local\Minibar\chrome\kango\xhr.js
c:\users\Sandra\AppData\Local\Minibar\chrome\main.js
c:\users\Sandra\AppData\Local\Minibar\chrome\manifest.json
c:\users\Sandra\AppData\Local\Minibar\chrome\minibar\actions.js
c:\users\Sandra\AppData\Local\Minibar\chrome\minibar\cachedxhr.js
c:\users\Sandra\AppData\Local\Minibar\chrome\minibar\config.js
c:\users\Sandra\AppData\Local\Minibar\chrome\minibar\macros.js
c:\users\Sandra\AppData\Local\Minibar\chrome\minibar\minibar.js
c:\users\Sandra\AppData\Local\Minibar\chrome\MinibarPlugin.dll
c:\users\Sandra\AppData\Local\Minibar\chrome\popup.html
c:\users\Sandra\AppData\Local\Minibar\chrome\popup.js
c:\users\Sandra\AppData\Local\Minibar\chrome\tab.html
c:\users\Sandra\AppData\Local\Minibar\chrome\tab.js
c:\users\Sandra\AppData\Local\Minibar\chrome_installer.js
c:\users\Sandra\AppData\Local\Minibar\common.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome.manifest
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\content.xul
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\extension_info.json
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\icons\icon128.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\icons\icon19.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\icons\icon32.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\icons\icon48.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\initial_config.json
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\button.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup_window.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup_window.xul
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-left.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-middle.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-right.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\middle-left.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\middle-right.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\style.css
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-bottom.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-left.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-right.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-top.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-left.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-middle.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-right.png
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\toolbar.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\toolbar_stub.html
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango-ui\ui.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\browser.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\console.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\event_listener.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\initialize.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\io.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\jsonstorage.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\kango.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\lang.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\messaging.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\storage.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\uninstall_observer.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\userscript_engine.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\kango\xhr.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\main.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\minibar\actions.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\minibar\cachedxhr.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\minibar\config.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\minibar\homepage_helper.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\minibar\macros.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\minibar\minibar.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\minibar\search_helper.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\minibar\search_hook.js
c:\users\Sandra\AppData\Local\Minibar\firefox\chrome\content\minibar\tabpage_helper.js
c:\users\Sandra\AppData\Local\Minibar\firefox\install.rdf
c:\users\Sandra\AppData\Local\Minibar\firefox\plugins\npMinibarPlugin.dll
c:\users\Sandra\AppData\Local\Minibar\firefox_installer.js
c:\users\Sandra\AppData\Local\Minibar\ie_installer.js
c:\users\Sandra\AppData\Local\Minibar\minibar.crx
c:\users\Sandra\AppData\Local\Minibar\minibar.xpi
c:\users\Sandra\AppData\Local\Minibar\SettingsHelper.exe
c:\users\Sandra\AppData\Local\Minibar\Uninstall.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_vpnagent
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-12-12 bis 2014-01-12  ))))))))))))))))))))))))))))))
.
.
2014-01-12 16:14 . 2014-01-12 16:14	--------	d-----w-	c:\users\TEMP\AppData\Local\temp
2014-01-12 16:14 . 2014-01-12 16:14	--------	d-----w-	c:\users\ReportServer\AppData\Local\temp
2014-01-12 16:14 . 2014-01-12 16:14	--------	d-----w-	c:\users\MSSQLServerOLAPService\AppData\Local\temp
2014-01-12 16:14 . 2014-01-12 16:14	--------	d-----w-	c:\users\MSSQLSERVER\AppData\Local\temp
2014-01-12 16:14 . 2014-01-12 16:14	--------	d-----w-	c:\users\MSSQLFDLauncher\AppData\Local\temp
2014-01-10 15:16 . 2014-01-12 15:57	--------	d-----w-	c:\users\Sandra\AppData\Roaming\stickies
2014-01-10 15:16 . 2014-01-10 15:16	534	----a-w-	c:\windows\uninstallstickies.bat
2014-01-10 15:16 . 2014-01-10 15:16	--------	d-----w-	c:\program files (x86)\Stickies
2014-01-10 14:20 . 2014-01-10 14:20	8192	----a-r-	c:\users\Sandra\AppData\Roaming\Microsoft\Installer\{CC98E8B3-FAAA-4D09-A813-A44C9FA1A3EE}\Icon3DF154B95.exe
2014-01-10 14:20 . 2014-01-10 14:20	55296	----a-r-	c:\users\Sandra\AppData\Roaming\Microsoft\Installer\{CC98E8B3-FAAA-4D09-A813-A44C9FA1A3EE}\IconCC98E8B3.exe
2014-01-10 12:19 . 2014-01-10 12:19	--------	d-----w-	c:\users\Sandra\AppData\Roaming\Iminent
2014-01-10 12:19 . 2014-01-10 12:19	--------	d-----w-	c:\programdata\Iminent
2014-01-10 12:18 . 2014-01-10 12:18	--------	d-----w-	c:\program files (x86)\Common Files\Umbrella
2014-01-10 12:18 . 2014-01-10 12:19	--------	d-----w-	c:\program files (x86)\Iminent
2014-01-10 12:18 . 2014-01-10 12:18	--------	d-----w-	c:\users\Sandra\AppData\Roaming\speedtest4354
2014-01-10 12:18 . 2014-01-10 12:18	--------	d-----w-	c:\program files (x86)\Speed Test 127
2014-01-10 12:16 . 2014-01-10 12:17	--------	d-----w-	c:\program files (x86)\StarUML
2014-01-09 20:14 . 2014-01-09 20:14	--------	d-----w-	C:\FRST
2014-01-07 19:38 . 2014-01-07 19:38	--------	d-----w-	c:\windows\Migration
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-12 16:24 . 2014-01-12 16:24	0	---ha-w-	c:\users\Sandra\AppData\Local\BIT8D07.tmp
2013-12-18 15:31 . 2013-08-07 17:33	84720	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-12-18 15:31 . 2013-08-07 17:32	131576	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-12-18 15:31 . 2013-08-07 17:32	108440	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-12-15 16:34 . 2012-04-21 18:28	90708896	----a-w-	c:\windows\system32\MRT.exe
2013-12-11 20:14 . 2012-04-21 10:34	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 20:14 . 2011-10-21 01:10	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 20:14 . 2013-12-11 20:14	9272200	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-12-08 13:38 . 2013-10-30 20:29	498752	----a-w-	c:\programdata\Microsoft\VisualStudio\10.0\1031\ResourceCache.dll
2013-12-08 10:51 . 2013-12-08 10:45	2590976	----a-w-	c:\programdata\Microsoft\VisualStudio\11.0\1031\ResourceCache.dll
2013-12-07 20:23 . 2013-12-07 20:23	283064	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-11-26 11:54 . 2013-12-12 02:05	23183360	----a-w-	c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 02:05	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 02:05	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 02:05	66048	----a-w-	c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 02:05	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 02:05	2764288	----a-w-	c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 02:05	53760	----a-w-	c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 02:05	33792	----a-w-	c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 02:05	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 02:05	574976	----a-w-	c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 02:05	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 02:05	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 02:05	708608	----a-w-	c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 02:05	218624	----a-w-	c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 02:04	5769216	----a-w-	c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 02:05	553472	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 02:04	4243968	----a-w-	c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 02:04	1995264	----a-w-	c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 02:04	12996608	----a-w-	c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 02:04	1928192	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 02:04	2334208	----a-w-	c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 02:04	1395200	----a-w-	c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 02:05	817664	----a-w-	c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 02:05	1820160	----a-w-	c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 23:28	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 23:28	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-11-13 18:53 . 2012-09-02 13:33	46368	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2013-11-12 23:25 . 2013-11-12 23:25	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-12 23:25 . 2013-11-12 23:25	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-11-12 23:25 . 2013-11-12 23:25	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-12 23:25 . 2013-11-12 23:25	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2013-11-12 23:25 . 2013-11-12 23:25	235008	----a-w-	c:\windows\system32\elshyph.dll
2013-11-12 23:25 . 2013-11-12 23:25	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2013-11-12 23:25 . 2013-11-12 23:25	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-11-12 23:25 . 2013-11-12 23:25	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-12 23:25 . 2013-11-12 23:25	337408	----a-w-	c:\windows\SysWow64\html.iec
2013-11-12 23:25 . 2013-11-12 23:25	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-11-12 23:25 . 2013-11-12 23:25	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-11-12 23:25 . 2013-11-12 23:25	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-11-12 23:25 . 2013-11-12 23:25	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-11-12 23:25 . 2013-11-12 23:25	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2013-11-12 23:25 . 2013-11-12 23:25	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-11-12 23:25 . 2013-11-12 23:25	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-11-12 23:25 . 2013-11-12 23:25	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-12 23:25 . 2013-11-12 23:25	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2013-11-12 23:25 . 2013-11-12 23:25	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2013-11-12 23:25 . 2013-11-12 23:25	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-11-12 23:25 . 2013-11-12 23:25	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-11-12 23:25 . 2013-11-12 23:25	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2013-11-12 23:25 . 2013-11-12 23:25	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-11-12 23:25 . 2013-11-12 23:25	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-11-12 23:25 . 2013-11-12 23:25	942592	----a-w-	c:\windows\system32\jsIntl.dll
2013-11-12 23:25 . 2013-11-12 23:25	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-11-12 23:25 . 2013-11-12 23:25	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-11-12 23:25 . 2013-11-12 23:25	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-11-12 23:25 . 2013-11-12 23:25	247808	----a-w-	c:\windows\system32\msls31.dll
2013-11-12 23:25 . 2013-11-12 23:25	195584	----a-w-	c:\windows\system32\msrating.dll
2013-11-12 23:25 . 2013-11-12 23:25	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2013-11-12 23:25 . 2013-11-12 23:25	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-11-12 23:25 . 2013-11-12 23:25	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-11-12 23:25 . 2013-11-12 23:25	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-11-12 23:25 . 2013-11-12 23:25	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 23:25 . 2013-11-12 23:25	105984	----a-w-	c:\windows\system32\iesysprep.dll
2013-11-12 23:25 . 2013-11-12 23:25	84992	----a-w-	c:\windows\system32\mshtmled.dll
2013-11-12 23:25 . 2013-11-12 23:25	81408	----a-w-	c:\windows\system32\icardie.dll
2013-11-12 23:25 . 2013-11-12 23:25	626176	----a-w-	c:\windows\system32\msfeeds.dll
2013-11-12 23:25 . 2013-11-12 23:25	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2013-11-12 23:25 . 2013-11-12 23:25	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2013-11-12 23:25 . 2013-11-12 23:25	413696	----a-w-	c:\windows\system32\html.iec
2013-11-12 23:25 . 2013-11-12 23:25	30208	----a-w-	c:\windows\system32\licmgr10.dll
2013-11-12 23:25 . 2013-11-12 23:25	296960	----a-w-	c:\windows\system32\dxtrans.dll
2013-11-12 23:25 . 2013-11-12 23:25	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2013-11-12 23:25 . 2013-11-12 23:25	243200	----a-w-	c:\windows\system32\webcheck.dll
2013-11-12 23:25 . 2013-11-12 23:25	235520	----a-w-	c:\windows\system32\url.dll
2013-11-12 23:25 . 2013-11-12 23:25	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-11-12 23:25 . 2013-11-12 23:25	143872	----a-w-	c:\windows\system32\wextract.exe
2013-11-12 23:25 . 2013-11-12 23:25	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-11-12 23:25 . 2013-11-12 23:25	101376	----a-w-	c:\windows\system32\inseng.dll
2013-11-12 23:25 . 2013-11-12 23:25	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2013-11-12 23:25 . 2013-11-12 23:25	774144	----a-w-	c:\windows\system32\jscript.dll
2013-11-12 23:25 . 2013-11-12 23:25	62464	----a-w-	c:\windows\system32\pngfilt.dll
2013-11-12 23:25 . 2013-11-12 23:25	548352	----a-w-	c:\windows\system32\vbscript.dll
2013-11-12 23:25 . 2013-11-12 23:25	48128	----a-w-	c:\windows\system32\imgutil.dll
2013-11-12 23:25 . 2013-11-12 23:25	147968	----a-w-	c:\windows\system32\occache.dll
2013-11-12 23:25 . 2013-11-12 23:25	13824	----a-w-	c:\windows\system32\mshta.exe
2013-11-12 23:25 . 2013-11-12 23:25	135680	----a-w-	c:\windows\system32\iepeers.dll
2013-11-12 02:23 . 2013-12-11 23:28	2048	----a-w-	c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 23:28	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-11-11 17:57 . 2013-11-11 17:59	62752768	----a-w-	c:\program files\HTC Sync Manager.msi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C}]
2013-11-14 01:35	278528	----a-w-	c:\program files (x86)\IminentToolbar\1.8.28.3\bh\iminent.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}]
2013-12-19 11:52	438784	----a-w-	c:\program files (x86)\Speed Test 127\ScriptHost.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{204df522-9a96-4a72-abb0-60f7a216d6d2}]
2013-10-05 01:05	249624	----a-w-	c:\program files (x86)\Whilokii\WhilokiiBHO.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-01-08 21:48	3349528	----a-w-	c:\program files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
2013-08-15 08:08	314264	----a-w-	c:\program files (x86)\Delta\delta\1.8.24.5\bh\delta.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]
2013-06-11 02:28	301464	----a-w-	c:\program files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17}]
2013-08-21 17:36	100336	----a-w-	c:\program files (x86)\BonanzaDeals\BonanzaDealsIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll" [2014-01-08 3349528]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.24.5\deltaTlbr.dll" [2013-08-15 300952]
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll" [2013-06-11 296856]
"{1FAFD711-ABF9-4F6A-8130-5166C7371427}"= "c:\program files (x86)\IminentToolbar\1.8.28.3\iminentTlbr.dll" [2013-11-14 287744]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd]
.
[HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd]
.
[HKEY_CLASSES_ROOT\clsid\{1fafd711-abf9-4f6a-8130-5166c7371427}]
[HKEY_CLASSES_ROOT\iminent.iminentdskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\iminent.iminentdskBnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-24 11:49	220632	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-24 11:49	220632	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-24 11:49	220632	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
"Spotify Web Helper"="c:\users\Sandra\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-10 1168896]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-15 1081424]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-12-24 27760]
"starter4g"="c:\windows\starter4g.exe" [2010-04-30 160424]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-18 684600]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2014-01-08 2486296]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2013-10-10 707984]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Iminent"="c:\program files (x86)\Iminent\Iminent.exe" [2014-01-07 1074736]
"IminentMessenger"="c:\program files (x86)\Iminent\Iminent.Messengers.exe" [2014-01-07 884784]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Sandra\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-12-18 30714312]
Stickies.lnk - c:\program files (x86)\Stickies\stickies.exe [2014-1-10 1134592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2011-11-27 723560]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 bonanzadealslive;BonanzaDealsLive-Dienst (bonanzadealslive);c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe;c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Update Whilokii;Update Whilokii;c:\program files (x86)\Whilokii\updateWhilokii.exe;c:\program files (x86)\Whilokii\updateWhilokii.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 bonanzadealslivem;BonanzaDealsLive-Dienst (bonanzadealslivem);c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe;c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\DRIVERS\cmnsusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmnsusbser.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SQL Server Distributed Replay Client;SQL Server Distributed Replay Client;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [x]
R3 SQL Server Distributed Replay Controller;SQL Server Distributed Replay Controller;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 RsFx0201;RsFx0201 Driver;c:\windows\system32\DRIVERS\RsFx0201.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0201.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 FFSOpzSvc;Sleep memory optimizer;c:\program files\Sleep Memory Optimizer\FFSService.exe;c:\program files\Sleep Memory Optimizer\FFSService.exe [x]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 MsDtsServer110;SQL Server Integration Services 11.0;c:\program files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe;c:\program files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 redmineApache;redmineApache;c:\bitnami\REDMIN~1.3-1\apache2\bin\httpd.exe;c:\bitnami\REDMIN~1.3-1\apache2\bin\httpd.exe [x]
S2 redmineMySQL;redmineMySQL;c:\bitnami\redmine-2.3.3-1\mysql\bin\mysqld.exe;c:\bitnami\redmine-2.3.3-1\mysql\bin\mysqld.exe [x]
S2 redmineSubversion;redmineSubversion;c:\bitnami\redmine-2.3.3-1\subversion\scripts\winserv.exe;c:\bitnami\redmine-2.3.3-1\subversion\scripts\winserv.exe [x]
S2 redmineThin1;redmineThin1 (managed by WinServ);c:\bitnami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe;c:\bitnami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe [x]
S2 redmineThin2;redmineThin2 (managed by WinServ);c:\bitnami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe;c:\bitnami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe [x]
S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe;c:\program files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 SProtection;SProtection;c:\program files (x86)\Common Files\Umbrella\umbrella.exe;c:\program files (x86)\Common Files\Umbrella\umbrella.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Util Whilokii;Util Whilokii;c:\program files (x86)\Whilokii\bin\utilWhilokii.exe;c:\program files (x86)\Whilokii\bin\utilWhilokii.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [x]
S2 WTGService;WTGService;c:\program files (x86)\XSManager\WTGService.exe;c:\program files (x86)\XSManager\WTGService.exe [x]
S2 XS Stick Service;XS Stick Service;c:\windows\service4g.exe;c:\windows\service4g.exe [x]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys;c:\windows\SYSNATIVE\DRIVERS\irstrtdv.sys [x]
S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe;c:\program files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 20:14]
.
2014-01-12 c:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
- c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-18 20:45]
.
2014-01-12 c:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
- c:\program files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-18 20:45]
.
2014-01-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000Core.job
- c:\users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-25 10:23]
.
2014-01-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000UA.job
- c:\users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-25 10:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-24 11:49	244696	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-24 11:49	244696	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-24 11:49	244696	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-16 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-16 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-16 416024]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-10 12666984]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-10 2275944]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.iminent.com/?appId=D7691CB2-F1A9-4B77-9297-CA30AA686631
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HitachiXHTS543232A7A384_E2P312330PLRGP0PLRGPX&ts=1382129154
mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=HitachiXHTS543232A7A384_E2P312330PLRGP0PLRGPX&ts=1382129154
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Sandra\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: {{AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} -
LSP: %windir%\system32\vsocklib.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
FF - ProfilePath - c:\users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\
FF - prefs.js: browser.search.selectedEngine - Doko Search
FF - prefs.js: browser.startup.homepage - hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=465816DE2BCB2B11&affID=125836&tsp=5039
FF - prefs.js: browser.startup.homepage - hxxp://start.iminent.com/?appId=D7691CB2-F1A9-4B77-9297-CA30AA686631
FF - prefs.js: browser.search.selectedEngine - StartWeb
FF - ExtSQL: 2014-01-10 13:19; webbooster@iminent.com; c:\users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\extensions\webbooster@iminent.com.xpi
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 4658011200000000000016de2bcb2b11
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15932
FF - user.js: extensions.delta.vrsn - 1.8.24.5
FF - user.js: extensions.delta.vrsni - 1.8.24.5
FF - user.js: extensions.delta.vrsnTs - 1.8.24.520:22
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=123892&tsp=4975
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.dokotoolbar.tlbrSrchUrl - hxxp://www.doko-search.com/?q={searchTerms}&babsrc=TB_ss&mntrId=465816DE2BCB2B11&affID=125836&tsp=5039
FF - user.js: extensions.dokotoolbar.tb_url - hxxp://www.doko-search.com/?q={searchTerms}&babsrc=TB_ss&mntrId=465816DE2BCB2B11&affID=125836&tsp=5039
FF - user.js: extensions.dokotoolbar.id - 4658011200000000000016de2bcb2b11
FF - user.js: extensions.dokotoolbar.appId - {43083724-E0DA-43B9-B7D5-4C5EB0781850}
FF - user.js: extensions.dokotoolbar.instlDay - 15996
FF - user.js: extensions.dokotoolbar.vrsn - 1.8.26.9
FF - user.js: extensions.dokotoolbar.vrsni - 1.8.26.9
FF - user.js: extensions.dokotoolbar.vrsnTs - 1.8.26.922:46
FF - user.js: extensions.dokotoolbar.prtnrId - dokotoolbar
FF - user.js: extensions.dokotoolbar.prdct - dokotoolbar
FF - user.js: extensions.dokotoolbar.aflt - babsst
FF - user.js: extensions.dokotoolbar.smplGrp - none
FF - user.js: extensions.dokotoolbar.tlbrId - base
FF - user.js: extensions.dokotoolbar.instlRef - sst
FF - user.js: extensions.dokotoolbar.dfltLng - de
FF - user.js: extensions.dokotoolbar.excTlbr - false
FF - user.js: extensions.dokotoolbar.ffxUnstlRst - true
FF - user.js: extensions.dokotoolbar.admin - false
FF - user.js: extensions.dokotoolbar.autoRvrt - false
FF - user.js: extensions.dokotoolbar.rvrt - false
FF - user.js: extensions.dokotoolbar.newTab - false
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=4658011200000000000016de2bcb2b11&q=
FF - user.js: extensions.Softonic.id - 4658011200000000000016de2bcb2b11
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 16046
FF - user.js: extensions.Softonic.vrsn - 1.8.21.14
FF - user.js: extensions.Softonic.vrsni - 1.8.21.14
FF - user.js: extensions.Softonic.vrsnTs - 1.8.21.1421:27
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - OC
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - opencandy2013
FF - user.js: extensions.Softonic.instlRef - MOY00621
FF - user.js: extensions.Softonic.dfltLng - de
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=4658011200000000000016de2bcb2b11
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=4658011200000000000016de2bcb2b11
FF - user.js: extensions.iminent.tlbrSrchUrl - hxxp://start.iminent.com/?ref=toolbarm#q=
FF - user.js: extensions.iminent.id - 4658011200000000000016de2bcb2b11
FF - user.js: extensions.iminent.appId - {0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
FF - user.js: extensions.iminent.instlDay - 16080
FF - user.js: extensions.iminent.vrsn - 1.8.28.3
FF - user.js: extensions.iminent.vrsni - 1.8.28.3
FF - user.js: extensions.iminent.vrsnTs - 1.8.28.313:19
FF - user.js: extensions.iminent.prtnrId - iminent
FF - user.js: extensions.iminent.prdct - iminent
FF - user.js: extensions.iminent.aflt - orgnl
FF - user.js: extensions.iminent.smplGrp - none
FF - user.js: extensions.iminent.tlbrId - YCPCT
FF - user.js: extensions.iminent.instlRef - 
FF - user.js: extensions.iminent.dfltLng - 
FF - user.js: extensions.iminent.excTlbr - false
FF - user.js: extensions.iminent.ffxUnstlRst - false
FF - user.js: extensions.iminent.admin - false
FF - user.js: extensions.iminent.autoRvrt - false
FF - user.js: extensions.iminent.rvrt - false
FF - user.js: extensions.iminent.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{3B9F6E59-04CA-43FF-92DF-F6E66D3A8D82} - (no file)
BHO-{AA74D58F-ACD0-450D-A85E-6C04B171C044} - (no file)
BHO-{EEE6C35C-6118-11DC-9C72-001320C79847} - (no file)
Toolbar-Locked - (no file)
Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
Toolbar-{339E1B37-76D3-4A64-A988-E81425DF831C} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-{5526d33c-7120-4326-9097-defcbdfa0dbc} - c:\program files (x86)\LyricsPal\Uninstall.exe
.
.
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ReportServerSharePoint:Service]
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
c:\program files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
c:\bitnami\redmine-2.3.3-1\subversion\bin\svnserve.exe
c:\bitnami\redmine-2.3.3-1\ruby\bin\ruby.exe
c:\bitnami\redmine-2.3.3-1\ruby\bin\ruby.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-01-12  17:31:51 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-01-12 16:31
.
Vor Suchlauf: 12 Verzeichnis(se), 99.385.286.656 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 98.558.111.744 Bytes frei
.
- - End Of File - - 4539951839A7EC91234227CB8A604A86
         

13.01.2014, 09:56   #7
schrauber
/// the machine
/// TB trainer
 



Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • If prompted, let your computer restart to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please disable your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

14.01.2014, 20:17   #8
orchidee12
 



and here is the Adw-Cleaner .txt file:

Code:
# AdwCleaner v3.017 - Bericht erstellt am 14/01/2014 um 20:49:01
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sandra - SANDRA-PC
# Gestartet von : C:\Users\Sandra\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : update whilokii
[#] Dienst Gelöscht : Util Whilokii
Dienst Gelöscht : vToolbarUpdater17.3.0

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Iminent
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Delta
Ordner Gelöscht : C:\Program Files (x86)\Softonic
Ordner Gelöscht : C:\Program Files (x86)\Whilokii
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Ordner Gelöscht : C:\Windows\SysWOW64\ARFC
Ordner Gelöscht : C:\Windows\SysWOW64\jmdp
Ordner Gelöscht : C:\Windows\SysWOW64\WNLT
Ordner Gelöscht : C:\Windows\System32\ljkb
Ordner Gelöscht : C:\Users\Sandra\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Sandra\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Sandra\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Sandra\AppData\Local\webplayer
Ordner Gelöscht : C:\Users\Sandra\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Sandra\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Sandra\AppData\LocalLow\Doko-Toolbar
Ordner Gelöscht : C:\Users\Sandra\AppData\LocalLow\IminentToolbar
Ordner Gelöscht : C:\Users\Sandra\AppData\LocalLow\Minibar
Ordner Gelöscht : C:\Users\Sandra\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Sandra\AppData\LocalLow\SweetIM
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\Doko-Toolbar
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\optimizer pro
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\Softonic
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\UpdaterEX
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\SweetPacksToolbarData
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\ffxtlbr@delta.com
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\ffxtlbr@dokotoolbar.com
Ordner Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\ffxtlbr@iminent.com
Ordner Gelöscht : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Ordner Gelöscht : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\webbooster@iminent.com.xpi
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\invalidprefs.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\dokotoolbar.xml
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\iminent.xml
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\MyStart Search.xml
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\MyStart.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\softonic.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\StartWeb.xml
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\SweetIm.xml
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\searchplugins\Sweetpacks Search.xml
Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\user.js
Datei Gelöscht : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Datei Gelöscht : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
Datei Gelöscht : C:\Windows\System32\Tasks\BitGuard
Datei Gelöscht : C:\Windows\System32\Tasks\BonanzaDealsUpdate

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Sandra\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome-App-Übersicht.lnk
Verknüpfung Desinfiziert : C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\WeatherBug.lnk
Verknüpfung Desinfiziert : C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk
Verknüpfung Desinfiziert : C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Sandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Sandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Sandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pnbbffeddnekkhjmokkhdebbfbibbflc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKCU\Software\5f0dbd1b43ded43
Schlüssel Gelöscht : HKLM\SOFTWARE\5f0dbd1b43ded43
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{204DF522-9A96-4A72-ABB0-60F7A216D6D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0735B993-B879-45A1-9A55-57001C8F2A9D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\UpdaterEX
Schlüssel Gelöscht : HKCU\Software\Webplayer
Schlüssel Gelöscht : HKCU\Software\Whilokii
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyricspal
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\AVG Secure Search
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\eSafeSecControl
Schlüssel Gelöscht : HKLM\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\Whilokii
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Whilokii

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.0 (en-US)

[ Datei : C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.doko-search.com/?babsrc=NT_ss&mntrId=465816DE2BCB2B11&affID=125836&tsp=5039");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.doko-search.com/?babsrc=HP_ss&mntrId=465816DE2BCB2B11&affID=125836&tsp=5039");
Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=4658011200000000000016de2bcb2b11");
Zeile gelöscht : user_pref("extensions.Softonic.id", "4658011200000000000016de2bcb2b11");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16046");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=4658011200000000000016de2bcb2b11");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=4658011200000000000016de2bcb2b11&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.1421:27:39");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.bbDpng", "17");
Zeile gelöscht : user_pref("extensions.delta.cntry", "DE");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "0DE6DF26E59E110CE366A0F5609005AE");
Zeile gelöscht : user_pref("extensions.delta.id", "4658011200000000000016de2bcb2b11");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15932");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.24.520:22:48");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.sg", "czb");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.24.5");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.24.520:22:48");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.24.5");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=123892&tsp=4975");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.dokotoolbar.tb_url", "hxxp://www.doko-search.com/?q={searchTerms}&babsrc=TB_ss&mntrId=465816DE2BCB2B11&affID=125836&tsp=5039");
Zeile gelöscht : user_pref("extensions.dokotoolbar.tlbrSrchUrl", "hxxp://www.doko-search.com/?q={searchTerms}&babsrc=TB_ss&mntrId=465816DE2BCB2B11&affID=125836&tsp=5039");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k1", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k2", "30");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k3", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k4", "1376742033472");
Zeile gelöscht : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"AppsHat\",\"description\":\"AppsHat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%affi[...]
Zeile gelöscht : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
Zeile gelöscht : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]
Zeile gelöscht : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Zeile gelöscht : user_pref("sweetim.toolbar.Visibility.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Zeile gelöscht : user_pref("sweetim.toolbar.cargo", "3.26010003");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.cda.returnValue", "disable");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Zeile gelöscht : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Zeile gelöscht : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Zeile gelöscht : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Zeile gelöscht : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Zeile gelöscht : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Zeile gelöscht : user_pref("sweetim.toolbar.mode.debug", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.newtab.created", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.newtab.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gelöscht : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.callback", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Zeile gelöscht : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Zeile gelöscht : user_pref("sweetim.toolbar.search.history.capacity", "10");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "false");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Zeile gelöscht : user_pref("sweetim.toolbar.simapp_id", "{8FB58BE1-E898-4CE9-AD6B-FAABD746F6F0}");
Zeile gelöscht : user_pref("sweetim.toolbar.version", "1.9.0.0");
Zeile gelöscht : user_pref("iminent.enabledAds", "false");
Zeile gelöscht : user_pref("iminent.searchindex", "1");
Zeile gelöscht : user_pref("iminent.newtabredirect", "true");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://start.iminent.com/?appId=D7691CB2-F1A9-4B77-9297-CA30AA686631");

-\\ Google Chrome v

[ Datei : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : icon_url
Gelöscht : search_url
Gelöscht : keyword

*************************

AdwCleaner[R0].txt - [59348 octets] - [14/01/2014 20:42:40]
AdwCleaner[S0].txt - [56545 octets] - [14/01/2014 20:49:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [56606 octets] ##########
         
and here is the JRT.txt:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sandra on 14.01.2014 at 21:05:32,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1342352085-1474860587-1104643860-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update whilokii
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updatewhilokii_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updatewhilokii_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{191AB4F6-C1FD-4892-B30E-95601BF15904}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}



~~~ Files

Successfully deleted: [File] "C:\Users\Sandra\appdata\locallow\SkwConfig.bin"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\Sandra\appdata\local\appshat mobile apps"
Successfully deleted: [Folder] "C:\Users\Sandra\appdata\local\software"
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{01A5848B-3915-4FD1-8B0E-2F70250DAF66}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{0295A934-FE5E-4538-BBAC-25F1892E8838}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{032FA9D6-F283-4B26-8EAA-B87DDE831DDB}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{03A15250-73B8-4782-A2EF-6E4EF543552B}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{07856CA4-6319-420F-B39A-146604955013}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{26C0DD87-E8A8-4674-89EF-B13FCC8C7E9F}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{2AD48927-1DD9-415B-BD38-5C74629F7A1D}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{3474A7E5-83D7-4D66-8EDB-22D680C356C9}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{38F53D20-414A-4E2F-85A0-E81BC919A253}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{46452818-9701-4C32-B21C-6CD551F3EFDA}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{49CF86B9-E18D-4BF8-9873-E162D4758E7A}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{5030BD8D-485B-4D1C-9DF7-D03CCDC36F88}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{50B90722-7649-4F81-B911-4D4A97F39651}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{5A10774B-F62E-414A-9CDC-DA56A08537AD}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{6057D2B9-9B0C-4726-8669-A577C50EBDD2}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{69BFDD4C-97F3-46A1-B655-1C58BCBA06BC}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{702FA11D-F9D8-4AFB-A41A-E4B415F4FE30}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{79B74A05-D6C5-436A-8D57-DBCD93427CB5}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{79F680A8-2E9E-49BC-9292-CAFE960EE157}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{85E6EBC5-DE6F-4588-99C3-8D8FD2006AC8}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{87375E94-02D9-4044-89C4-D138AF1F3C4D}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{8E7091D3-15B7-4CCD-B1EC-C98B7B9ED6CD}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{9282A1BD-8060-44B6-8E76-BC92F36E713B}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{9AEA54BC-0484-4F25-AB0C-9319F5C7B449}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{A0CDD9A6-596C-4E03-8BDB-41F0E2CC8869}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{A1484911-2BC4-4345-B9B9-72AD60F0299F}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{A7113A58-027D-494B-B299-ABB5E784F2C3}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{A7D12005-641E-4F94-93D3-853010F60E7C}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{B0E5172A-0AF5-4D3C-ADD1-32A7CE5FF0A6}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{B7385916-AEEA-465C-A296-DADC24D81F43}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{B85F7DE4-AD7B-4C78-923D-D5268C9A5630}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{BE69CBA2-0D5E-43B8-9914-E9204EC04713}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{D0744D51-5B5F-4347-BFBE-EFCCE2BA3646}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{FAF97095-4A32-4E84-84F6-2C85301519BC}



~~~ FireFox

Successfully deleted: [File] C:\Users\Sandra\AppData\Roaming\mozilla\firefox\profiles\nppj2xpj.default\extensions\firefox@whilokii.net.xpi
Emptied folder: C:\Users\Sandra\AppData\Roaming\mozilla\firefox\profiles\nppj2xpj.default\minidumps [142 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.01.2014 at 21:14:46,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 14.01.2014, 20:22   #9
orchidee12
 



and here is the Malwarebytes txt file. I attached it as a zip file, because I was shown a message here that the txt file itself would be too large to post in the message.

Alt 14.01.2014, 20:49   #10
orchidee12
 



Of course I did everything in the order you wrote it to me. I just didn't post it here in that order.

and here is the fresh FRST log file:

Code:
ComboFix 14-01-08.03 - Sandra 14.01.2014  21:27:26.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3946.1827 [GMT 1:00]
ausgeführt von:: c:\users\Sandra\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Sandra\AppData\Local\assembly\tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-12-14 bis 2014-01-14  ))))))))))))))))))))))))))))))
.
.
2014-01-14 20:40 . 2014-01-14 20:40	--------	d-----w-	c:\users\TEMP\AppData\Local\temp
2014-01-14 20:40 . 2014-01-14 20:40	--------	d-----w-	c:\users\ReportServer\AppData\Local\temp
2014-01-14 20:40 . 2014-01-14 20:40	--------	d-----w-	c:\users\MSSQLServerOLAPService\AppData\Local\temp
2014-01-14 20:40 . 2014-01-14 20:40	--------	d-----w-	c:\users\MSSQLSERVER\AppData\Local\temp
2014-01-14 20:40 . 2014-01-14 20:40	--------	d-----w-	c:\users\MSSQLFDLauncher\AppData\Local\temp
2014-01-14 20:40 . 2014-01-14 20:40	--------	d-----w-	c:\users\MsDtsServer110\AppData\Local\temp
2014-01-14 20:40 . 2014-01-14 20:40	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-01-14 20:05 . 2014-01-14 20:05	--------	d-----w-	c:\windows\ERUNT
2014-01-14 19:42 . 2014-01-14 19:50	--------	d-----w-	C:\AdwCleaner
2014-01-14 14:13 . 2014-01-14 20:18	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{282C6CF7-7497-4ED9-B18A-2F41C81C72A5}\offreg.dll
2014-01-14 11:27 . 2013-12-16 00:54	10315576	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{282C6CF7-7497-4ED9-B18A-2F41C81C72A5}\mpengine.dll
2014-01-13 16:36 . 2014-01-13 16:36	--------	d-----w-	c:\users\Sandra\AppData\Roaming\Malwarebytes
2014-01-13 16:36 . 2014-01-13 16:36	--------	d-----w-	c:\programdata\Malwarebytes
2014-01-13 16:36 . 2014-01-13 16:36	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-13 16:36 . 2013-04-04 13:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-01-10 15:16 . 2014-01-14 20:25	--------	d-----w-	c:\users\Sandra\AppData\Roaming\stickies
2014-01-10 15:16 . 2014-01-10 15:16	534	----a-w-	c:\windows\uninstallstickies.bat
2014-01-10 15:16 . 2014-01-10 15:16	--------	d-----w-	c:\program files (x86)\Stickies
2014-01-10 14:20 . 2014-01-10 14:20	8192	----a-r-	c:\users\Sandra\AppData\Roaming\Microsoft\Installer\{CC98E8B3-FAAA-4D09-A813-A44C9FA1A3EE}\Icon3DF154B95.exe
2014-01-10 14:20 . 2014-01-10 14:20	55296	----a-r-	c:\users\Sandra\AppData\Roaming\Microsoft\Installer\{CC98E8B3-FAAA-4D09-A813-A44C9FA1A3EE}\IconCC98E8B3.exe
2014-01-10 12:16 . 2014-01-10 12:17	--------	d-----w-	c:\program files (x86)\StarUML
2014-01-09 20:14 . 2014-01-09 20:14	--------	d-----w-	C:\FRST
2014-01-07 19:38 . 2014-01-07 19:38	--------	d-----w-	c:\windows\Migration
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-18 15:31 . 2013-08-07 17:33	84720	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-12-18 15:31 . 2013-08-07 17:32	131576	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-12-18 15:31 . 2013-08-07 17:32	108440	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-12-15 16:34 . 2012-04-21 18:28	90708896	----a-w-	c:\windows\system32\MRT.exe
2013-12-11 20:14 . 2012-04-21 10:34	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 20:14 . 2011-10-21 01:10	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 20:14 . 2013-12-11 20:14	9272200	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-12-08 13:38 . 2013-10-30 20:29	498752	----a-w-	c:\programdata\Microsoft\VisualStudio\10.0\1031\ResourceCache.dll
2013-12-08 10:51 . 2013-12-08 10:45	2590976	----a-w-	c:\programdata\Microsoft\VisualStudio\11.0\1031\ResourceCache.dll
2013-12-07 20:23 . 2013-12-07 20:23	283064	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-11-26 11:54 . 2013-12-12 02:05	23183360	----a-w-	c:\windows\system32\mshtml.dll
2013-11-26 11:25 . 2010-11-21 03:27	267936	------w-	c:\windows\system32\MpSigStub.exe
2013-11-26 10:19 . 2013-12-12 02:05	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 02:05	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 02:05	66048	----a-w-	c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 02:05	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 02:05	2764288	----a-w-	c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 02:05	53760	----a-w-	c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 02:05	33792	----a-w-	c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 02:05	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 02:05	574976	----a-w-	c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 02:05	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 02:05	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 02:05	708608	----a-w-	c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 02:05	218624	----a-w-	c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 02:04	5769216	----a-w-	c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 02:05	553472	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 02:04	4243968	----a-w-	c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 02:04	1995264	----a-w-	c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 02:04	12996608	----a-w-	c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 02:04	1928192	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 02:04	2334208	----a-w-	c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 02:04	1395200	----a-w-	c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 02:05	817664	----a-w-	c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 02:05	1820160	----a-w-	c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 23:28	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 23:28	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-11-13 18:53 . 2012-09-02 13:33	46368	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2013-11-12 23:25 . 2013-11-12 23:25	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-12 23:25 . 2013-11-12 23:25	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-11-12 23:25 . 2013-11-12 23:25	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-12 23:25 . 2013-11-12 23:25	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2013-11-12 23:25 . 2013-11-12 23:25	235008	----a-w-	c:\windows\system32\elshyph.dll
2013-11-12 23:25 . 2013-11-12 23:25	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2013-11-12 23:25 . 2013-11-12 23:25	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-11-12 23:25 . 2013-11-12 23:25	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-12 23:25 . 2013-11-12 23:25	337408	----a-w-	c:\windows\SysWow64\html.iec
2013-11-12 23:25 . 2013-11-12 23:25	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-11-12 23:25 . 2013-11-12 23:25	454656	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-11-12 23:25 . 2013-11-12 23:25	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-11-12 23:25 . 2013-11-12 23:25	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-11-12 23:25 . 2013-11-12 23:25	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2013-11-12 23:25 . 2013-11-12 23:25	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-11-12 23:25 . 2013-11-12 23:25	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-11-12 23:25 . 2013-11-12 23:25	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-12 23:25 . 2013-11-12 23:25	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2013-11-12 23:25 . 2013-11-12 23:25	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2013-11-12 23:25 . 2013-11-12 23:25	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-11-12 23:25 . 2013-11-12 23:25	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-11-12 23:25 . 2013-11-12 23:25	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2013-11-12 23:25 . 2013-11-12 23:25	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-11-12 23:25 . 2013-11-12 23:25	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-11-12 23:25 . 2013-11-12 23:25	942592	----a-w-	c:\windows\system32\jsIntl.dll
2013-11-12 23:25 . 2013-11-12 23:25	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-11-12 23:25 . 2013-11-12 23:25	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-11-12 23:25 . 2013-11-12 23:25	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-11-12 23:25 . 2013-11-12 23:25	247808	----a-w-	c:\windows\system32\msls31.dll
2013-11-12 23:25 . 2013-11-12 23:25	195584	----a-w-	c:\windows\system32\msrating.dll
2013-11-12 23:25 . 2013-11-12 23:25	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2013-11-12 23:25 . 2013-11-12 23:25	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-11-12 23:25 . 2013-11-12 23:25	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-11-12 23:25 . 2013-11-12 23:25	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-11-12 23:25 . 2013-11-12 23:25	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-12 23:25 . 2013-11-12 23:25	105984	----a-w-	c:\windows\system32\iesysprep.dll
2013-11-12 23:25 . 2013-11-12 23:25	84992	----a-w-	c:\windows\system32\mshtmled.dll
2013-11-12 23:25 . 2013-11-12 23:25	81408	----a-w-	c:\windows\system32\icardie.dll
2013-11-12 23:25 . 2013-11-12 23:25	626176	----a-w-	c:\windows\system32\msfeeds.dll
2013-11-12 23:25 . 2013-11-12 23:25	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2013-11-12 23:25 . 2013-11-12 23:25	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2013-11-12 23:25 . 2013-11-12 23:25	413696	----a-w-	c:\windows\system32\html.iec
2013-11-12 23:25 . 2013-11-12 23:25	30208	----a-w-	c:\windows\system32\licmgr10.dll
2013-11-12 23:25 . 2013-11-12 23:25	296960	----a-w-	c:\windows\system32\dxtrans.dll
2013-11-12 23:25 . 2013-11-12 23:25	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2013-11-12 23:25 . 2013-11-12 23:25	243200	----a-w-	c:\windows\system32\webcheck.dll
2013-11-12 23:25 . 2013-11-12 23:25	235520	----a-w-	c:\windows\system32\url.dll
2013-11-12 23:25 . 2013-11-12 23:25	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-11-12 23:25 . 2013-11-12 23:25	143872	----a-w-	c:\windows\system32\wextract.exe
2013-11-12 23:25 . 2013-11-12 23:25	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-11-12 23:25 . 2013-11-12 23:25	101376	----a-w-	c:\windows\system32\inseng.dll
2013-11-12 23:25 . 2013-11-12 23:25	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2013-11-12 23:25 . 2013-11-12 23:25	774144	----a-w-	c:\windows\system32\jscript.dll
2013-11-12 23:25 . 2013-11-12 23:25	62464	----a-w-	c:\windows\system32\pngfilt.dll
2013-11-12 23:25 . 2013-11-12 23:25	548352	----a-w-	c:\windows\system32\vbscript.dll
2013-11-12 23:25 . 2013-11-12 23:25	48128	----a-w-	c:\windows\system32\imgutil.dll
2013-11-12 23:25 . 2013-11-12 23:25	147968	----a-w-	c:\windows\system32\occache.dll
2013-11-12 23:25 . 2013-11-12 23:25	13824	----a-w-	c:\windows\system32\mshta.exe
2013-11-12 23:25 . 2013-11-12 23:25	135680	----a-w-	c:\windows\system32\iepeers.dll
2013-11-12 02:23 . 2013-12-11 23:28	2048	----a-w-	c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 23:28	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-11-11 17:57 . 2013-11-11 17:59	62752768	----a-w-	c:\program files\HTC Sync Manager.msi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-24 11:49	220632	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-24 11:49	220632	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-24 11:49	220632	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	131248	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
"Spotify Web Helper"="c:\users\Sandra\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-10 1168896]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-15 1081424]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-12-24 27760]
"starter4g"="c:\windows\starter4g.exe" [2010-04-30 160424]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-18 684600]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2013-10-10 707984]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Sandra\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-12-18 30714312]
Stickies.lnk - c:\program files (x86)\Stickies\stickies.exe [2014-1-10 1134592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2011-11-27 723560]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
R2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
R2 MsDtsServer110;SQL Server Integration Services 11.0;c:\program files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe;c:\program files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [x]
R2 redmineApache;redmineApache;c:\bitnami\REDMIN~1.3-1\apache2\bin\httpd.exe;c:\bitnami\REDMIN~1.3-1\apache2\bin\httpd.exe [x]
R2 redmineSubversion;redmineSubversion;c:\bitnami\redmine-2.3.3-1\subversion\scripts\winserv.exe;c:\bitnami\redmine-2.3.3-1\subversion\scripts\winserv.exe [x]
R2 redmineThin1;redmineThin1 (managed by WinServ);c:\bitnami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe;c:\bitnami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe [x]
R2 redmineThin2;redmineThin2 (managed by WinServ);c:\bitnami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe;c:\bitnami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\DRIVERS\cmnsusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmnsusbser.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SQL Server Distributed Replay Client;SQL Server Distributed Replay Client;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [x]
R3 SQL Server Distributed Replay Controller;SQL Server Distributed Replay Controller;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe;c:\program files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 RsFx0201;RsFx0201 Driver;c:\windows\system32\DRIVERS\RsFx0201.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0201.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 FFSOpzSvc;Sleep memory optimizer;c:\program files\Sleep Memory Optimizer\FFSService.exe;c:\program files\Sleep Memory Optimizer\FFSService.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 redmineMySQL;redmineMySQL;c:\bitnami\redmine-2.3.3-1\mysql\bin\mysqld.exe;c:\bitnami\redmine-2.3.3-1\mysql\bin\mysqld.exe [x]
S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe;c:\program files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 WTGService;WTGService;c:\program files (x86)\XSManager\WTGService.exe;c:\program files (x86)\XSManager\WTGService.exe [x]
S2 XS Stick Service;XS Stick Service;c:\windows\service4g.exe;c:\windows\service4g.exe [x]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys;c:\windows\SYSNATIVE\DRIVERS\irstrtdv.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe;c:\program files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 20:14]
.
2014-01-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000Core.job
- c:\users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-25 10:23]
.
2014-01-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000UA.job
- c:\users\Sandra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-25 10:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-24 11:49	244696	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-24 11:49	244696	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-24 11:49	244696	----a-w-	c:\users\Sandra\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Sandra\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-16 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-16 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-16 416024]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-10 12666984]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-10 2275944]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.Google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Sandra\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
LSP: %windir%\system32\vsocklib.dll
FF - ProfilePath - c:\users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\
FF - prefs.js: browser.search.selectedEngine - Doko Search
FF - prefs.js: browser.search.selectedEngine - StartWeb
FF - ExtSQL: 2014-01-10 13:19; webbooster@iminent.com; c:\users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\extensions\webbooster@iminent.com.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
.
.
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ReportServerSharePoint:Service]
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-14  21:45:13
ComboFix-quarantined-files.txt  2014-01-14 20:45
ComboFix2.txt  2014-01-12 16:31
.
Vor Suchlauf: 19 Verzeichnis(se), 95.592.464.384 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 95.501.623.296 Bytes frei
.
- - End Of File - - 504B458FC5518CDC7B0C4D2A44C8D546
         

Alt 15.01.2014, 12:19   #11
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 18.01.2014, 22:47   #12
orchidee12
 



Here is the ESET.log:

Code:
# scanned=243692
# found=2
# cleaned=0
# scan_time=56503
sh=489879551C877644C60EADF3BD50AEB9FEE29E98 ft=0 fh=0000000000000000 vn="Win32/AdWare.AddLyrics.T application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\LyricsPal\133.crx.vir"
sh=D6CE6F9011EC8AD4D840C7D2DD23680B51D7CEEB ft=1 fh=56a8308eaf76a6e6 vn="a variant of Win32/AdWare.AddLyrics.W application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\LyricsPal\Uninstall.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f9d8941fff596146a88bb3de17d70361
# engine=16703
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-18 09:11:33
# local_time=2014-01-18 10:11:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 30574 135846113 23325 0
# compatibility_mode=5893 16776573 100 94 128442 141709343 0 0
# scanned=336440
# found=2
# cleaned=0
# scan_time=23284
sh=489879551C877644C60EADF3BD50AEB9FEE29E98 ft=0 fh=0000000000000000 vn="Win32/AdWare.AddLyrics.T application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\LyricsPal\133.crx.vir"
sh=D6CE6F9011EC8AD4D840C7D2DD23680B51D7CEEB ft=1 fh=56a8308eaf76a6e6 vn="a variant of Win32/AdWare.AddLyrics.W application" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\LyricsPal\Uninstall.exe.vir"
         
Here is the checkup.txt:

Code:
Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 TuneUp Utilities 2014   
 TuneUp Utilities 2014 (de-DE)  
 TuneUp Utilities 2014   
 JavaFX 2.1.1    
 Java 7 Update 25  
 Visual Studio Extensions for Windows Library for JavaScript 
 Java version out of Date! 
 Adobe Flash Player 11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox 24.0 Firefox out of Date!  
 Google Chrome 32.0.1700.72  
 Google Chrome 32.0.1700.76  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 ESET ESET Online Scanner OnlineScannerApp.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 Symantec Norton Online Backup NOBuAgent.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
And here is a fresh FRST.log:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by Sandra (administrator) on SANDRA-PC on 18-01-2014 23:38:17
Running from C:\Users\Sandra\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Sleep Memory Optimizer\FFSService.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(Spotify Ltd) C:\Users\Sandra\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Sandra\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Zhorn Software) C:\Program Files (x86)\Stickies\stickies.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Apache Software Foundation) C:\BitNami\redmine-2.3.3-1\apache2\bin\httpd.exe
() C:\BitNami\redmine-2.3.3-1\mysql\bin\mysqld.exe
() C:\BitNami\redmine-2.3.3-1\subversion\scripts\winserv.exe
(hxxp://subversion.apache.org/) C:\BitNami\redmine-2.3.3-1\subversion\bin\svnserve.exe
() C:\BitNami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe
() C:\BitNami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe
(hxxp://www.ruby-lang.org/) C:\BitNami\redmine-2.3.3-1\ruby\bin\ruby.exe
(Apache Software Foundation) C:\BitNami\redmine-2.3.3-1\apache2\bin\httpd.exe
(hxxp://www.ruby-lang.org/) C:\BitNami\redmine-2.3.3-1\ruby\bin\ruby.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sandra\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2275944 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2642728 2011-07-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-15] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [LGODDFU] - C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-12-24] (Bitleader)
HKLM-x32\...\Run: [starter4g] - C:\Windows\starter4g.exe [160424 2010-04-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Advanced SystemCare 6] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [490880 2012-09-24] (IObit)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Sandra\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-15] (Spotify Ltd)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-02] ()
HKU\MsDtsServer110\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-02] ()
HKU\TEMP\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-02] ()
Startup: C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sandra\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default
FF DefaultSearchEngine: Doko Search
FF SelectedSearchEngine: Doko Search
FF SelectedSearchEngine: StartWeb
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sandra\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sandra\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\ascsurfingprotection@iobit.com [2012-12-24]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\ich@maltegoetz.de [2013-07-26]
FF Extension: Speed Test 127 - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\speedtest4354@BestOffers [2014-01-10]
FF Extension: Zotero Word for Windows Integration - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\zoteroWinWordIntegration@zotero.org [2013-06-25]
FF Extension: Garmin Communicator - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-06-06]
FF Extension: Zotero - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-04-03]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\nppj2xpj.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF HKCU\...\Firefox\Extensions: [{8f5010e2-9577-4aed-ad42-f2098ea15def}] - C:\Program Files (x86)\LyricsPal\133.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchKeyword: start.iminent.com
CHR DefaultSearchProvider: StartWeb
CHR DefaultSearchURL: hxxp://start.iminent.com/?appId=D7691CB2-F1A9-4B77-9297-CA30AA686631&ref=toolbox&q={searchTerms}
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Sandra\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Google Update) - C:\Users\Sandra\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-25]
CHR Extension: (Google Drive) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-25]
CHR Extension: (YouTube) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-25]
CHR Extension: (Google-Suche) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-25]
CHR Extension: (AdBlock) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-31]
CHR Extension: (MonoChrome) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnlphmmcijokifloflhecnkkhbpdnnk [2013-10-06]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-08-25]
CHR Extension: (WeatherBug) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2013-10-06]
CHR Extension: (Google Wallet) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Google Mail) - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-25]
CHR HKLM-x32\...\Chrome\Extension: [iaimhpklononapfjngelgdokckfjekfc] - C:\Program Files (x86)\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx [2013-08-25]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx [2012-12-24]

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166424 2012-11-22] (Microsoft Corp.)
R2 FFSOpzSvc; C:\Program Files\Sleep Memory Optimizer\FFSService.exe [141192 2011-09-17] (Acer Incorporated)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [219992 2013-06-04] (Garmin Ltd or its subsidiaries)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-02] (Nero AG)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 MsDtsServer110; C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [218600 2012-12-29] (Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [192000 2012-12-29] (Microsoft Corporation)
R2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe [72497640 2012-10-20] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 redmineApache; C:\BitNami\REDMIN~1.3-1\apache2\bin\httpd.exe [22016 2013-07-16] (Apache Software Foundation)
R2 redmineMySQL; C:\BitNami\redmine-2.3.3-1\mysql\bin\mysqld.exe [8151040 2013-05-16] ()
R2 redmineSubversion; C:\BitNami\redmine-2.3.3-1\subversion\scripts\winserv.exe [34304 2012-09-03] ()
R2 redmineThin1; C:\BitNami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe [34304 2012-09-12] ()
R2 redmineThin2; C:\BitNami\redmine-2.3.3-1\apps\redmine\scripts\winserv.exe [34304 2012-09-12] ()
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2423792 2012-10-20] (Microsoft Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [137304 2012-02-11] (Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [342104 2012-02-11] (Microsoft Corporation)
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [612864 2012-12-29] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-08-30] (TuneUp Software)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-04-25] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2010-04-30] (4G Systems GmbH & Co. KG)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-10] (Atheros)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-13] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2013-04-22] (Mobile Connector)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-07] (Disc Soft Ltd)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-18 23:38 - 2014-01-18 23:38 - 00000000 ____D C:\Users\Sandra\Downloads\FRST-OlderVersion
2014-01-18 23:31 - 2014-01-18 23:31 - 00987425 _____ C:\Users\Sandra\Downloads\SecurityCheck.exe
2014-01-18 15:32 - 2014-01-18 15:33 - 02347384 _____ (ESET) C:\Users\Sandra\Downloads\esetsmartinstaller_enu (1).exe
2014-01-17 14:08 - 2014-01-17 23:59 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2014-01-17 14:01 - 2014-01-18 14:41 - 00000224 _____ C:\Windows\setupact.log
2014-01-17 14:01 - 2014-01-17 23:50 - 00011360 _____ C:\Windows\PFRO.log
2014-01-17 14:01 - 2014-01-17 14:01 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 10:20 - 2014-01-17 10:20 - 00000225 _____ C:\Users\Sandra\Desktop\ESET.txt
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-15 19:46 - 2014-01-15 19:46 - 02347384 _____ (ESET) C:\Users\Sandra\Downloads\esetsmartinstaller_enu.exe
2014-01-15 19:04 - 2014-01-15 19:04 - 00022528 _____ C:\Users\Sandra\Downloads\Aufgabe5.v11 (Sandra Krügers in Konflikt stehende Kopie 2014-01-13).suo
2014-01-15 18:08 - 2014-01-15 18:09 - 34881536 _____ C:\Users\Sandra\Downloads\BWA1-SAP01.ppt
2014-01-15 10:17 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 10:17 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 10:17 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 10:17 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 10:17 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 10:17 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 10:17 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 10:17 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 10:17 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 21:45 - 2014-01-14 21:45 - 00039132 _____ C:\ComboFix.txt
2014-01-14 21:14 - 2014-01-14 21:14 - 00005729 _____ C:\Users\Sandra\Desktop\JRT.txt
2014-01-14 21:05 - 2014-01-14 21:05 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 21:03 - 2014-01-14 21:03 - 01037068 _____ (Thisisu) C:\Users\Sandra\Downloads\JRT.exe
2014-01-14 20:42 - 2014-01-14 20:50 - 00000000 ____D C:\AdwCleaner
2014-01-14 20:40 - 2014-01-14 20:40 - 01236282 _____ C:\Users\Sandra\Downloads\adwcleaner.exe
2014-01-14 15:17 - 2014-01-14 14:21 - 01361920 _____ C:\Users\Sandra\Desktop\Aktivitätsdiagramm 2.EAP
2014-01-14 14:22 - 2014-01-14 15:17 - 01378304 _____ C:\Users\Sandra\Desktop\Aktivitätsdiagramm 1.EAP
2014-01-14 14:20 - 2014-01-17 11:34 - 01257472 _____ C:\Users\Sandra\Desktop\Use Cases Diagramm.EAP
2014-01-13 18:43 - 2014-01-13 18:43 - 00014288 _____ C:\Users\Sandra\Desktop\mbam-log-2014-01-13 (17-38-49).zip
2014-01-13 17:36 - 2014-01-13 17:36 - 00001077 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-13 17:36 - 2014-01-13 17:36 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Malwarebytes
2014-01-13 17:36 - 2014-01-13 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-13 17:36 - 2014-01-13 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-13 17:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-13 17:35 - 2014-01-13 17:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Sandra\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-01-12 21:25 - 2014-01-12 21:25 - 00219348 _____ C:\Users\Sandra\Downloads\MDX2.ps
2014-01-12 16:59 - 2014-01-12 16:59 - 05162489 _____ (Swearware) C:\Users\Sandra\Downloads\ComboFix (2).exe
2014-01-12 16:58 - 2014-01-12 16:59 - 05162489 _____ (Swearware) C:\Users\Sandra\Downloads\ComboFix (1).exe
2014-01-12 16:57 - 2014-01-14 21:45 - 00000000 ____D C:\Qoobox
2014-01-12 16:57 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-12 16:57 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-12 16:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-12 16:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-12 16:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-12 16:57 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-12 16:57 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-12 16:57 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-12 16:56 - 2014-01-12 17:27 - 00000000 ____D C:\Windows\erdnt
2014-01-12 16:55 - 2014-01-12 16:55 - 05162489 ____R (Swearware) C:\Users\Sandra\Downloads\ComboFix.exe
2014-01-10 16:40 - 2014-01-10 16:40 - 00080934 _____ C:\Users\Sandra\Desktop\Addition_10.01.2014.txt
2014-01-10 16:16 - 2014-01-17 23:52 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\stickies
2014-01-10 16:16 - 2014-01-10 16:16 - 00000534 _____ C:\Windows\uninstallstickies.bat
2014-01-10 16:16 - 2014-01-10 16:16 - 00000000 ____D C:\Program Files (x86)\Stickies
2014-01-10 16:15 - 2014-01-10 16:15 - 01077248 _____ (Zhorn Software) C:\Users\Sandra\Downloads\stickies_setup_7.1e.exe
2014-01-10 15:27 - 2014-01-10 15:27 - 00001055 _____ C:\Users\Sandra\Desktop\USB DISK - Verknüpfung (3).lnk
2014-01-10 15:20 - 2014-01-10 15:20 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enterprise Architect 8
2014-01-10 15:18 - 2014-01-10 15:18 - 00001055 _____ C:\Users\Sandra\Desktop\USB DISK - Verknüpfung.lnk
2014-01-10 15:18 - 2014-01-10 15:18 - 00001055 _____ C:\Users\Sandra\Desktop\USB DISK - Verknüpfung (2).lnk
2014-01-10 14:07 - 2014-01-10 14:08 - 42562032 _____ C:\Users\Sandra\Downloads\easetup (6).exe
2014-01-10 14:04 - 2014-01-10 14:05 - 42562032 _____ C:\Users\Sandra\Downloads\easetup (5).exe
2014-01-10 13:19 - 2014-01-10 13:19 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-01-10 13:17 - 2014-01-10 13:17 - 00000897 _____ C:\Users\Sandra\Desktop\StarUML.lnk
2014-01-10 13:16 - 2014-01-10 13:17 - 00000000 ____D C:\Program Files (x86)\StarUML
2014-01-09 21:20 - 2014-01-10 16:35 - 00080934 _____ C:\Users\Sandra\Downloads\Addition.txt
2014-01-09 21:15 - 2014-01-18 23:38 - 00028453 _____ C:\Users\Sandra\Downloads\FRST.txt
2014-01-09 21:14 - 2014-01-18 23:38 - 00000000 ____D C:\FRST
2014-01-09 21:08 - 2014-01-18 23:38 - 02076160 _____ (Farbar) C:\Users\Sandra\Downloads\FRST64.exe
2014-01-08 21:07 - 2014-01-08 21:08 - 42562032 _____ C:\Users\Sandra\Downloads\easetup (4).exe
2014-01-07 20:16 - 2014-01-07 20:16 - 21520384 _____ C:\Windows\system32\config\system.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 174997504 _____ C:\Windows\system32\config\software.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 08306688 _____ C:\Windows\system32\config\default.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 00061440 _____ C:\Windows\system32\config\sam.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 00040960 _____ C:\Windows\system32\config\security.iobit
2014-01-02 18:03 - 2014-01-02 18:03 - 00197188 _____ C:\Users\Sandra\Downloads\HTW_M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_V2_WS2013_14_E_26696581.xlsx
2014-01-02 18:03 - 2014-01-02 18:03 - 00192259 _____ C:\Users\Sandra\Downloads\M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_WS2013_14_E_26624875 (5).xlsx
2014-01-02 18:02 - 2014-01-02 18:02 - 00192259 _____ C:\Users\Sandra\Downloads\M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_WS2013_14_E_26624875 (4).xlsx
2014-01-02 18:01 - 2014-01-02 18:01 - 00013662 _____ C:\Users\Sandra\Downloads\Gruppeneinteilung_WS2013_14_26540674.xlsx
2013-12-25 21:59 - 2013-12-25 21:59 - 03622400 _____ C:\Users\Sandra\Downloads\Part_I Swarm Intelligence.ppt

==================== One Month Modified Files and Folders =======

2014-01-18 23:38 - 2014-01-18 23:38 - 00000000 ____D C:\Users\Sandra\Downloads\FRST-OlderVersion
2014-01-18 23:38 - 2014-01-09 21:15 - 00028453 _____ C:\Users\Sandra\Downloads\FRST.txt
2014-01-18 23:38 - 2014-01-09 21:14 - 00000000 ____D C:\FRST
2014-01-18 23:38 - 2014-01-09 21:08 - 02076160 _____ (Farbar) C:\Users\Sandra\Downloads\FRST64.exe
2014-01-18 23:31 - 2014-01-18 23:31 - 00987425 _____ C:\Users\Sandra\Downloads\SecurityCheck.exe
2014-01-18 23:14 - 2012-04-21 11:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-18 22:56 - 2013-08-25 11:23 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000UA.job
2014-01-18 22:48 - 2013-10-20 19:54 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Dropbox
2014-01-18 22:46 - 2011-11-27 05:12 - 01333046 _____ C:\Windows\WindowsUpdate.log
2014-01-18 17:37 - 2012-08-08 08:46 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Spotify
2014-01-18 17:37 - 2012-08-08 08:46 - 00000000 ____D C:\Users\Sandra\AppData\Local\Spotify
2014-01-18 15:56 - 2013-08-25 11:23 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1342352085-1474860587-1104643860-1000Core.job
2014-01-18 15:33 - 2014-01-18 15:32 - 02347384 _____ (ESET) C:\Users\Sandra\Downloads\esetsmartinstaller_enu (1).exe
2014-01-18 14:41 - 2014-01-17 14:01 - 00000224 _____ C:\Windows\setupact.log
2014-01-18 00:03 - 2009-07-14 05:45 - 00024432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-18 00:03 - 2009-07-14 05:45 - 00024432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-17 23:59 - 2014-01-17 14:08 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2014-01-17 23:55 - 2013-11-19 17:26 - 00000000 ____D C:\ProgramData\VMware
2014-01-17 23:53 - 2013-10-20 19:59 - 00000000 ___RD C:\Users\Sandra\Dropbox
2014-01-17 23:52 - 2014-01-10 16:16 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\stickies
2014-01-17 23:52 - 2013-11-11 19:03 - 00000000 ____D C:\Users\Sandra\AppData\Local\HTC MediaHub
2014-01-17 23:51 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-17 23:50 - 2014-01-17 14:01 - 00011360 _____ C:\Windows\PFRO.log
2014-01-17 19:09 - 2013-12-12 02:40 - 02175418 _____ C:\Users\Sandra\Documents\WordRqmErrors.log
2014-01-17 14:01 - 2014-01-17 14:01 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 11:34 - 2014-01-14 14:20 - 01257472 _____ C:\Users\Sandra\Desktop\Use Cases Diagramm.EAP
2014-01-17 10:20 - 2014-01-17 10:20 - 00000225 _____ C:\Users\Sandra\Desktop\ESET.txt
2014-01-16 13:16 - 2011-11-27 13:54 - 00870162 _____ C:\Windows\system32\perfh007.dat
2014-01-16 13:16 - 2011-11-27 13:54 - 00214054 _____ C:\Windows\system32\perfc007.dat
2014-01-16 13:16 - 2009-07-14 06:13 - 02067612 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-16 12:21 - 2013-11-19 17:29 - 00000000 ____D C:\Users\Sandra\AppData\Local\VMware
2014-01-16 12:17 - 2013-10-20 19:59 - 00001025 _____ C:\Users\Sandra\Desktop\Dropbox.lnk
2014-01-16 12:17 - 2013-10-20 19:55 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 12:17 - 2013-08-15 19:23 - 00001251 _____ C:\Windows\wininit.ini
2014-01-16 12:17 - 2012-04-21 10:06 - 00000000 ___RD C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 11:55 - 2013-11-19 17:29 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\VMware
2014-01-15 19:47 - 2014-01-15 19:47 - 00000000 ____D C:\Program Files (x86)\ESET
2014-01-15 19:46 - 2014-01-15 19:46 - 02347384 _____ (ESET) C:\Users\Sandra\Downloads\esetsmartinstaller_enu.exe
2014-01-15 19:04 - 2014-01-15 19:04 - 00022528 _____ C:\Users\Sandra\Downloads\Aufgabe5.v11 (Sandra Krügers in Konflikt stehende Kopie 2014-01-13).suo
2014-01-15 18:09 - 2014-01-15 18:08 - 34881536 _____ C:\Users\Sandra\Downloads\BWA1-SAP01.ppt
2014-01-15 17:38 - 2013-12-08 00:13 - 00000000 ____D C:\Users\MSSQLFDLauncher
2014-01-15 17:36 - 2009-07-14 05:45 - 00466096 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 17:31 - 2013-08-17 00:35 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 17:26 - 2012-04-21 19:28 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 17:21 - 2012-04-21 11:32 - 00000272 _____ C:\Windows\lgfwup.ini
2014-01-15 17:21 - 2012-04-21 11:32 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate
2014-01-15 17:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-15 16:59 - 2012-05-23 16:19 - 00000000 ____D C:\Users\Sandra\AppData\Local\CrashDumps
2014-01-15 10:07 - 2013-08-25 11:23 - 00002370 _____ C:\Users\Sandra\Desktop\Google Chrome.lnk
2014-01-14 21:45 - 2014-01-14 21:45 - 00039132 _____ C:\ComboFix.txt
2014-01-14 21:45 - 2014-01-12 16:57 - 00000000 ____D C:\Qoobox
2014-01-14 21:40 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-14 21:14 - 2014-01-14 21:14 - 00005729 _____ C:\Users\Sandra\Desktop\JRT.txt
2014-01-14 21:05 - 2014-01-14 21:05 - 00000000 ____D C:\Windows\ERUNT
2014-01-14 21:03 - 2014-01-14 21:03 - 01037068 _____ (Thisisu) C:\Users\Sandra\Downloads\JRT.exe
2014-01-14 20:50 - 2014-01-14 20:42 - 00000000 ____D C:\AdwCleaner
2014-01-14 20:50 - 2013-08-25 11:23 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-01-14 20:50 - 2013-08-15 19:23 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-01-14 20:40 - 2014-01-14 20:40 - 01236282 _____ C:\Users\Sandra\Downloads\adwcleaner.exe
2014-01-14 15:17 - 2014-01-14 14:22 - 01378304 _____ C:\Users\Sandra\Desktop\Aktivitätsdiagramm 1.EAP
2014-01-14 14:21 - 2014-01-14 15:17 - 01361920 _____ C:\Users\Sandra\Desktop\Aktivitätsdiagramm 2.EAP
2014-01-13 18:43 - 2014-01-13 18:43 - 00014288 _____ C:\Users\Sandra\Desktop\mbam-log-2014-01-13 (17-38-49).zip
2014-01-13 17:36 - 2014-01-13 17:36 - 00001077 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-13 17:36 - 2014-01-13 17:36 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Malwarebytes
2014-01-13 17:36 - 2014-01-13 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-13 17:36 - 2014-01-13 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-13 17:35 - 2014-01-13 17:35 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Sandra\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-01-13 01:00 - 2013-12-08 11:42 - 00000000 ____D C:\Users\Sandra\Documents\Visual Studio 2012
2014-01-13 01:00 - 2013-10-30 21:43 - 00000000 ____D C:\Users\Sandra\Documents\SQL Server Management Studio
2014-01-12 21:25 - 2014-01-12 21:25 - 00219348 _____ C:\Users\Sandra\Downloads\MDX2.ps
2014-01-12 17:31 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2014-01-12 17:27 - 2014-01-12 16:56 - 00000000 ____D C:\Windows\erdnt
2014-01-12 17:17 - 2009-07-14 03:34 - 21757952 _____ C:\Windows\system32\config\system.bak
2014-01-12 17:17 - 2009-07-14 03:34 - 174997504 _____ C:\Windows\system32\config\software.bak
2014-01-12 17:17 - 2009-07-14 03:34 - 08306688 _____ C:\Windows\system32\config\default.bak
2014-01-12 17:17 - 2009-07-14 03:34 - 00061440 _____ C:\Windows\system32\config\sam.bak
2014-01-12 17:17 - 2009-07-14 03:34 - 00040960 _____ C:\Windows\system32\config\security.bak
2014-01-12 16:59 - 2014-01-12 16:59 - 05162489 _____ (Swearware) C:\Users\Sandra\Downloads\ComboFix (2).exe
2014-01-12 16:59 - 2014-01-12 16:58 - 05162489 _____ (Swearware) C:\Users\Sandra\Downloads\ComboFix (1).exe
2014-01-12 16:55 - 2014-01-12 16:55 - 05162489 ____R (Swearware) C:\Users\Sandra\Downloads\ComboFix.exe
2014-01-10 16:40 - 2014-01-10 16:40 - 00080934 _____ C:\Users\Sandra\Desktop\Addition_10.01.2014.txt
2014-01-10 16:35 - 2014-01-09 21:20 - 00080934 _____ C:\Users\Sandra\Downloads\Addition.txt
2014-01-10 16:16 - 2014-01-10 16:16 - 00000534 _____ C:\Windows\uninstallstickies.bat
2014-01-10 16:16 - 2014-01-10 16:16 - 00000000 ____D C:\Program Files (x86)\Stickies
2014-01-10 16:15 - 2014-01-10 16:15 - 01077248 _____ (Zhorn Software) C:\Users\Sandra\Downloads\stickies_setup_7.1e.exe
2014-01-10 15:27 - 2014-01-10 15:27 - 00001055 _____ C:\Users\Sandra\Desktop\USB DISK - Verknüpfung (3).lnk
2014-01-10 15:20 - 2014-01-10 15:20 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enterprise Architect 8
2014-01-10 15:20 - 2013-11-08 11:28 - 00000000 ____D C:\Program Files (x86)\Sparx Systems
2014-01-10 15:20 - 2013-11-08 11:18 - 00001981 _____ C:\Users\Sandra\Desktop\Enterprise Architect.lnk
2014-01-10 15:18 - 2014-01-10 15:18 - 00001055 _____ C:\Users\Sandra\Desktop\USB DISK - Verknüpfung.lnk
2014-01-10 15:18 - 2014-01-10 15:18 - 00001055 _____ C:\Users\Sandra\Desktop\USB DISK - Verknüpfung (2).lnk
2014-01-10 14:08 - 2014-01-10 14:07 - 42562032 _____ C:\Users\Sandra\Downloads\easetup (6).exe
2014-01-10 14:05 - 2014-01-10 14:04 - 42562032 _____ C:\Users\Sandra\Downloads\easetup (5).exe
2014-01-10 13:19 - 2014-01-10 13:19 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-01-10 13:17 - 2014-01-10 13:17 - 00000897 _____ C:\Users\Sandra\Desktop\StarUML.lnk
2014-01-10 13:17 - 2014-01-10 13:16 - 00000000 ____D C:\Program Files (x86)\StarUML
2014-01-10 11:18 - 2013-10-30 21:16 - 02041892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-08 22:49 - 2013-06-12 19:24 - 00003730 _____ C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-01-08 21:08 - 2014-01-08 21:07 - 42562032 _____ C:\Users\Sandra\Downloads\easetup (4).exe
2014-01-07 21:53 - 2012-07-01 13:50 - 00000000 ____D C:\Users\Sandra\Documents\Outlook-Dateien
2014-01-07 20:16 - 2014-01-07 20:16 - 21520384 _____ C:\Windows\system32\config\system.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 174997504 _____ C:\Windows\system32\config\software.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 08306688 _____ C:\Windows\system32\config\default.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 00061440 _____ C:\Windows\system32\config\sam.iobit
2014-01-07 20:16 - 2014-01-07 20:16 - 00040960 _____ C:\Windows\system32\config\security.iobit
2014-01-07 20:16 - 2013-12-08 00:16 - 00000000 ____D C:\Users\ReportServer
2014-01-07 20:16 - 2013-12-08 00:16 - 00000000 ____D C:\Users\MSSQLServerOLAPService
2014-01-07 20:16 - 2013-12-08 00:14 - 00000000 ____D C:\Users\MsDtsServer110
2014-01-07 20:16 - 2013-12-08 00:13 - 00000000 ____D C:\Users\MSSQLSERVER
2014-01-07 20:16 - 2012-04-21 10:05 - 00000000 ____D C:\Users\Sandra
2014-01-04 16:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-02 18:03 - 2014-01-02 18:03 - 00197188 _____ C:\Users\Sandra\Downloads\HTW_M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_V2_WS2013_14_E_26696581.xlsx
2014-01-02 18:03 - 2014-01-02 18:03 - 00192259 _____ C:\Users\Sandra\Downloads\M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_WS2013_14_E_26624875 (5).xlsx
2014-01-02 18:02 - 2014-01-02 18:02 - 00192259 _____ C:\Users\Sandra\Downloads\M1.1_Betriebswirtschaftliche_Anwendungen_1_Anforderungsprofil_WS2013_14_E_26624875 (4).xlsx
2014-01-02 18:01 - 2014-01-02 18:01 - 00013662 _____ C:\Users\Sandra\Downloads\Gruppeneinteilung_WS2013_14_26540674.xlsx
2013-12-25 21:59 - 2013-12-25 21:59 - 03622400 _____ C:\Users\Sandra\Downloads\Part_I Swarm Intelligence.ppt
2013-12-25 20:58 - 2012-05-20 23:18 - 00000000 ____D C:\Users\Sandra\Filme

Some content of TEMP:
====================
C:\Users\Sandra\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-13 13:24

==================== End Of Log ============================
         

Alt 19.01.2014, 10:12   #13
schrauber
/// the machine
/// TB-Ausbilder
 



Update Java and Firefox.

Done

If you would like to leave praise or criticism, you can do so here

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Put a check mark in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can safely delete them.


Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: I have a few useful add-ons for this browser here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. For this I recommend TFC
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
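
As an added example (not part of the original posts, and not code from FRST or Trojaner-Board): a small Python triage of the file-listing lines in the FRST log above, flagging executables in Downloads/Temp and the double-extension trick this post warns about (deinFoto.jpg.exe). The line layout is inferred from the log lines on this page; the extension lists and function names are assumptions chosen for illustration.

```python
import re
from datetime import datetime

# Line layout inferred from the log on this page (an assumption, not an official
# FRST format spec): "<timestamp> - <timestamp> - <size> <5 attribute flags> <path>"
LINE_RE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d) - (\d{4}-\d\d-\d\d \d\d:\d\d) - "
                     r"(\d+) ([_A-Z]{5}) (.+)$")
EXECUTABLE = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs"}
DECOY = {"jpg", "jpeg", "png", "gif", "pdf", "doc", "docx", "xls", "xlsx", "txt"}
USER_WRITABLE = ("\\downloads\\", "\\appdata\\local\\temp\\")

# First three lines are from the log above; the last one is constructed for this example.
SAMPLE = r"""2014-01-08 21:08 - 2014-01-08 21:07 - 42562032 _____ C:\Users\Sandra\Downloads\easetup (4).exe
2014-01-07 21:53 - 2012-07-01 13:50 - 00000000 ____D C:\Users\Sandra\Documents\Outlook-Dateien
2014-01-02 18:01 - 2014-01-02 18:01 - 00013662 _____ C:\Users\Sandra\Downloads\Gruppeneinteilung_WS2013_14_26540674.xlsx
2014-01-09 20:40 - 2014-01-09 20:40 - 00151552 _____ C:\Users\Sandra\Downloads\deinFoto.jpg.exe"""


def parse_line(line):
    """Parse one file-listing line; return None for headers and other text."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts1, ts2, size, flags, path = m.groups()
    fmt = "%Y-%m-%d %H:%M"
    return {"ts1": datetime.strptime(ts1, fmt), "ts2": datetime.strptime(ts2, fmt),
            "size": int(size), "is_dir": "D" in flags, "path": path}


def findings(entry):
    """Reasons an entry deserves a closer look (a triage hint, not a verdict)."""
    if entry["is_dir"]:
        return []
    # Strip padding around each dot-separated part: "a.pdf     .exe" hides ".exe".
    parts = [p.strip() for p in entry["path"].rsplit("\\", 1)[-1].lower().split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE:
        return []
    reasons = []
    if len(parts) > 2 and parts[-2] in DECOY:
        reasons.append("double extension")
    if any(d in entry["path"].lower() for d in USER_WRITABLE):
        reasons.append("executable in user-writable folder")
    return reasons


def triage(log_text):
    """Return (path, reasons) for every listed file that raised a finding."""
    parsed = filter(None, map(parse_line, log_text.splitlines()))
    return [(e["path"], r) for e in parsed if (r := findings(e))]


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE):
        print(f"{path}: {', '.join(reasons)}")
```

A hit is a prompt to inspect the file, not proof of infection: easetup (4).exe from the log is flagged only because it is an executable in Downloads.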

Alt 02.02.2014, 18:42   #14
orchidee12
 


Thank you very much for fixing the problem!

I have done everything!

Alt 03.02.2014, 15:36   #15
schrauber
/// the machine
/// TB-Ausbilder
 



You're welcome
__________________
regards,
schrauber
