Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 8.1: Vermute Trojaner Infektion

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 26.02.2014, 07:07   #1
Amazan
 
Windows 8.1: Vermute Trojaner Infektion - Standard

Windows 8.1: Vermute Trojaner Infektion



Hallo liebe Leute,

nachdem gestern gleichzeitig in drei unabhängigen Google Mailaccounts zugegriffen wurde (und Google das geblockt hat, weil es verdächtig vorkam), gehe ich davon aus, dass ich am PC ein Leck habe, da diese Accounts unabhängig voneinander sind, auch andere (sichere) Passwörter.

Ich habe folgende Scans bisher vorgenommen:
- Avast AntiVirus
- Spybot S&D
- Malwarebytes AM
- Trojaner Remove
Alle Scans waren negativ bzw. haben Ergebnisse gebracht, die ich zu 100% ausschließen kann, da ich die Textdateien bzw. das Archiv kenne.

Ich weiß nun nicht mehr weiter, und zum Neuinstallieren habe ich momentan keine Zeit, weil ich an meiner Abschlussarbeit sitze.

Ich hoffe, mir kann jemand weiterhelfen und den Schädling finden.

Vielen Dank schon mal,
Mike

Logs: Da es zu viel Text war, habe ich die angehängt. GMER konnte ich nicht ausführen, ich bekam jedesmal einen BlueScreen (WHEA_UNCORRECTABLE_ERROR)

Alt 26.02.2014, 08:04   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Vermute Trojaner Infektion - Standard

Windows 8.1: Vermute Trojaner Infektion



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 26.02.2014, 09:17   #3
Amazan
 
Windows 8.1: Vermute Trojaner Infektion - Standard

Windows 8.1: Vermute Trojaner Infektion



Natürlich, tut mir leid:

Defogger:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 06:31 on 26/02/2014 (Mike)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-02-2014
Ran by Mike (administrator) on Mike-ULTRABOOK on 26-02-2014 06:44:06
Running from C:\Users\Mike\Downloads
Windows 8.1 Pro with Media Center (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(REINER SCT) C:\WINDOWS\SysWOW64\cjpcsc.exe
() C:\WINDOWS\system32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
() C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Stefan Hirschmann - StagWare) C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(The OpenVPN Project) C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Jing\Jing.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Stefan Hirschmann - StagWare) C:\Program Files (x86)\NoteBook FanControl\NoteBook FanControl.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Juniper Networks) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
() d:\xampp\mysql\bin\mysqld.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech, Inc.) C:\Program Files\Logitech Gaming Software\LU_1\LULnchr.exe
(Logitech, Inc.) C:\Program Files\Logitech Gaming Software\LU_1\LogitechUpdate.exe
(Apache Software Foundation) d:\xampp\apache\bin\httpd.exe
(Apache Software Foundation) D:\xampp\apache\bin\httpd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [Cm106Sound] - C:\WINDOWS\Syswow64\cm106.dll [8151040 2009-10-10] (C-Media Corporation)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833576 2010-11-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [FileOpenBroker] - C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1589104 2013-03-26] (FileOpen Systems Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-02] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [openvpn-gui] - C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [436776 2013-06-14] ()
HKLM-x32\...\Run: [TrojanScanner] - C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1661856 2014-02-26] (Simply Super Software)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\0ddb9cbc-667a-4eda-8d2e-e549ab6dab29.exe /check [181136 2014-02-25] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-321065253-2983475057-385218367-1001\...\Run: [Google Update] - C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-16] (Google Inc.)
HKU\S-1-5-21-321065253-2983475057-385218367-1001\...\Run: [Jing] - C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2909640 2013-01-07] (TechSmith Corporation)
HKU\S-1-5-21-321065253-2983475057-385218367-1001\...\Run: [TrueCrypt] - C:\Program Files\TrueCrypt\TrueCrypt.exe [1516496 2013-01-16] (TrueCrypt Foundation)
HKU\S-1-5-21-321065253-2983475057-385218367-1001\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-321065253-2983475057-385218367-1001\...\Run: [NBFC-ClientApplication] - C:\Program Files (x86)\NoteBook FanControl\NoteBook FanControl.exe [418816 2013-12-04] (Stefan Hirschmann - StagWare)
HKU\S-1-5-21-321065253-2983475057-385218367-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-321065253-2983475057-385218367-1001\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [457728 2013-09-30] (Microsoft Corporation)
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: AusweisApp 1.8.0.0 - {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} - C:\Program Files (x86)\AusweisApp\siqeCardClient.ols (OpenLimit SignCubes AG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: asp - {8D32BA61-D15B-11d4-894B-000000000000} -  No File
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File
Handler: ezstor - {8D32BA61-D15B-11d4-894B-000000000000} -  No File
Handler: hsp - {8D32BA61-D15B-11d4-894B-000000000000} -  No File
Handler: x-asp - {8D32BA61-D15B-11d4-894B-000000000000} -  No File
Handler: x-cnote - {8D32BA61-D15B-11d4-894B-000000000000} -  No File
Handler: x-hsp - {8D32BA61-D15B-11d4-894B-000000000000} -  No File
Handler: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} -  No File
Handler: x-zip - {8D32BA61-D15B-11d4-894B-000000000000} -  No File
Handler: zip - {8D32BA61-D15B-11d4-894B-000000000000} -  No File
Handler-x32: asp - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll (EzTools Software)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: ezstor - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll (EzTools Software)
Handler-x32: hsp - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll (EzTools Software)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: x-asp - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll (EzTools Software)
Handler-x32: x-cnote - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll (EzTools Software)
Handler-x32: x-hsp - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll (EzTools Software)
Handler-x32: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\Program Files (x86)\Common Files\EzTools\wowctl2.dll (EzTools Software)
Handler-x32: x-zip - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll (EzTools Software)
Handler-x32: zip - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll (EzTools Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\WINDOWS\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Mike\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Mike\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Mike\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Mike\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Mike\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\searchplugins\phpnet.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HTTPS-Everywhere - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\https-everywhere@eff.org [2014-01-05]
FF Extension: Forecastfox - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2013-01-16]
FF Extension: Garmin Communicator - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-21]
FF Extension: Html Validator - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2013-10-19]
FF Extension: Live HTTP Headers - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-03-23]
FF Extension: Evernote Web Clipper - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2013-12-18]
FF Extension: Page Speed - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97} [2013-09-01]
FF Extension: Firebug - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\firebug@software.joehewitt.com.xpi [2013-01-16]
FF Extension: Locationbar² - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\locationbar2@design-noir.de.xpi [2013-01-16]
FF Extension: search-test-phase-1 - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\search-test-phase-1@mozilla.com.xpi [2013-12-02]
FF Extension: InstantFox - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\searchy@searchy.xpi [2013-06-02]
FF Extension: Status-4-Evar - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\status4evar@caligonstudios.com.xpi [2013-01-16]
FF Extension: Test Pilot - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-01-16]
FF Extension: Adblock Plus - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-16]
FF Extension: User Agent Switcher - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ipqwx9nd.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2013-08-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{4F3D26C8-9907-48ff-BC74-B8C572D317BF}] - C:\Program Files (x86)\AusweisApp\mozilla\eCardClientExt_FFxx_Win
FF Extension: AusweisApp - C:\Program Files (x86)\AusweisApp\mozilla\eCardClientExt_FFxx_Win [2013-11-11]
FF HKLM-x32\...\Firefox\Extensions: [{4F0963A3-1658-4fde-9585-23A25CC288BF}] - C:\Program Files (x86)\AusweisApp\mozilla\eCardClientPIn_FFxx_Win
FF Extension: AusweisApp - C:\Program Files (x86)\AusweisApp\mozilla\eCardClientPIn_FFxx_Win [2013-11-11]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Mike\AppData\Local\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Mike\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Mike\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-17]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-17]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-17]
CHR Extension: (Adblock Plus) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-01-19]
CHR Extension: (Google-Suche) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-17]
CHR Extension: (Google Wallet) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Google Mail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-17]

==================== Services (Whitelisted) =================

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-02] (AVAST Software)
R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9936176 2013-11-29] (DisplayLink Corp.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [29056 2012-07-30] ()
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [30592 2012-07-30] ()
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [337264 2013-03-19] (FileOpen Systems Inc.)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [9728 2013-12-04] (Stefan Hirschmann - StagWare)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [59432 2013-06-14] (The OpenVPN Project)
R2 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [59432 2013-06-14] (The OpenVPN Project)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
S4 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-02] (AVAST Software)
R3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [80184 2014-02-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-09] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 DisplayLinkUsbIo_x64; C:\Windows\System32\drivers\DisplayLinkUsbIo_x64_7.5.52277.0.sys [46384 2013-12-17] ()
S3 dlcdcncm6_x64; C:\Windows\system32\DRIVERS\dlcdcncm6_x64.sys [80688 2013-11-29] (DisplayLink Corp.)
S3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [203568 2013-11-29] (DisplayLink Corp.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96064 2012-07-13] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 USBMULCD; C:\Windows\system32\drivers\CM10664.sys [1308160 2009-11-19] (C-Media Electronics Inc)
R3 vl810filter; C:\Windows\system32\DRIVERS\vl810filter.sys [17008 2011-11-17] (VIA Labs, Inc.)
R3 vmkbd2; C:\WINDOWS\system32\drivers\VMkbd.sys [32848 2013-10-18] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
R3 WinRing0_1_2_0; \??\C:\Program Files (x86)\NoteBook FanControl\NbfcService.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-26 06:36 - 2014-02-26 06:44 - 00039067 _____ () C:\Users\Mike\Downloads\FRST.txt
2014-02-26 06:36 - 2014-02-26 06:44 - 00000000 ____D () C:\FRST
2014-02-26 06:32 - 2014-02-26 06:32 - 02155520 _____ (Farbar) C:\Users\Mike\Downloads\FRST64.exe
2014-02-26 06:32 - 2014-02-26 06:32 - 00197340 _____ () C:\Users\Mike\Downloads\OTL.Txt
2014-02-26 06:31 - 2014-02-26 06:42 - 00000472 _____ () C:\Users\Mike\Downloads\defogger_disable.log
2014-02-26 06:31 - 2014-02-26 06:31 - 00000000 _____ () C:\Users\Mike\defogger_reenable
2014-02-26 06:30 - 2014-02-26 06:30 - 00050477 _____ () C:\Users\Mike\Downloads\Defogger.exe
2014-02-26 06:27 - 2014-02-26 06:27 - 00380416 _____ () C:\Users\Mike\Downloads\qoicz3c4.exe
2014-02-26 06:22 - 2014-02-26 06:22 - 00602112 _____ (OldTimer Tools) C:\Users\Mike\Downloads\OTL.exe
2014-02-26 00:16 - 2014-02-26 00:16 - 00021083 _____ () C:\Users\Mike\Downloads\hijackthis.log
2014-02-26 00:15 - 2014-02-26 00:15 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mike\Downloads\HiJackThis204.exe
2014-02-26 00:10 - 2014-02-26 00:10 - 00000000 ____D () C:\ProgramData\Licenses
2014-02-26 00:06 - 2014-02-26 00:06 - 00000000 ____D () C:\Users\Mike\Documents\Simply Super Software
2014-02-26 00:06 - 2014-02-26 00:06 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Simply Super Software
2014-02-26 00:05 - 2014-02-26 00:07 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-02-26 00:05 - 2014-02-26 00:05 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-02-26 00:02 - 2014-02-26 00:05 - 21407864 _____ (Simply Super Software ) C:\Users\Mike\Downloads\trjsetup690.exe
2014-02-25 19:12 - 2014-02-25 19:12 - 00002138 _____ () C:\Users\Public\Desktop\Belarc Advisor.lnk
2014-02-25 19:12 - 2014-02-25 19:12 - 00000000 ____D () C:\Program Files (x86)\Belarc
2014-02-25 19:11 - 2014-02-25 19:12 - 03152736 _____ () C:\Users\Mike\Downloads\advisorinstaller.exe
2014-02-25 19:07 - 2014-02-25 19:07 - 00007621 _____ () C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
2014-02-25 17:43 - 2014-02-25 17:43 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-02-25 17:43 - 2014-02-25 17:43 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-02-25 17:05 - 2014-02-25 17:43 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-25 17:05 - 2014-02-25 17:43 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-25 16:18 - 2014-02-25 16:18 - 01243588 _____ () C:\Users\Mike\Downloads\ProcessExplorer(1).zip
2014-02-25 08:42 - 2014-02-25 20:02 - 00133611 _____ () C:\Users\Mike\Documents\Der neue Personalausweis als Teil einer PKI.pptx
2014-02-24 20:06 - 2014-02-24 20:06 - 00056375 _____ () C:\Users\Mike\Downloads\natdin.bst
2014-02-24 20:06 - 2014-02-24 20:06 - 00000477 _____ () C:\Users\Mike\Downloads\natbib.cfg
2014-02-24 17:41 - 2014-02-24 17:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-24 17:41 - 2014-02-24 17:41 - 00000977 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-24 17:40 - 2014-02-24 17:40 - 01141680 _____ () C:\Users\Mike\Downloads\SteamSetup.exe
2014-02-23 14:17 - 2014-02-23 14:17 - 00010240 _____ () C:\Users\Mike\Downloads\com.artistadd.style.simpleblue.tar
2014-02-21 11:13 - 2014-02-22 21:33 - 00093368 _____ () C:\Users\Mike\Documents\pace.pptx
2014-02-20 17:23 - 2013-12-18 16:27 - 00594024 _____ (Juniper Networks) C:\WINDOWS\system32\dsNcSmartCardProv.dll
2014-02-20 17:23 - 2013-12-18 16:27 - 00423528 _____ (Juniper Networks) C:\WINDOWS\system32\dsNcCredProv.dll
2014-02-20 17:01 - 2014-02-20 17:01 - 00000000 ____D () C:\Users\Mike\AppData\Local\Sophos
2014-02-20 17:00 - 2014-02-20 17:00 - 01372496 _____ () C:\Users\Mike\Downloads\sslvpn_inst_hoa33795@vpnendpoint.hs-regensburg.de(1).exe
2014-02-20 17:00 - 2014-02-20 17:00 - 00133344 _____ () C:\Users\Mike\Downloads\sslvpn_conf_hoa33795@vpnendpoint.hs-regensburg.de.exe
2014-02-20 17:00 - 2014-02-20 17:00 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-02-20 17:00 - 2014-02-20 17:00 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-02-20 10:10 - 2014-02-20 10:10 - 00015825 _____ () C:\Users\Mike\Downloads\english_2.0(1).zip
2014-02-20 09:20 - 2014-02-20 09:20 - 00005299 _____ () C:\Users\Mike\Downloads\english_2.0.zip
2014-02-20 08:00 - 2014-02-20 08:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-18 10:26 - 2014-02-18 10:26 - 00004453 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel
2014-02-16 13:02 - 2014-02-16 13:02 - 00000000 ____D () C:\Users\Mike\.m2
2014-02-16 13:00 - 2013-12-18 21:10 - 00877480 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\npdeployJava1.dll
2014-02-16 13:00 - 2013-12-18 21:10 - 00800168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\deployJava1.dll
2014-02-16 08:42 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-16 08:42 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-16 08:42 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-16 08:42 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-16 08:42 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-16 08:42 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-16 08:42 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-16 08:42 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-16 08:42 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-16 08:42 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-16 08:42 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-16 08:42 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-16 08:42 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-16 08:42 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-16 08:42 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-16 08:42 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-16 08:42 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-16 08:42 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-16 08:42 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-16 08:42 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-16 08:42 - 2013-11-26 14:20 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcmde.dll
2014-02-16 08:42 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-16 08:42 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-16 08:42 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-16 08:42 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-16 08:42 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-16 08:42 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-16 08:42 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-16 08:42 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-16 08:42 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-16 08:42 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-16 08:42 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-16 08:42 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-16 08:42 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-16 08:42 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-16 08:42 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-16 08:42 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-16 08:42 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-16 08:42 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-16 08:42 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-16 08:42 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-16 08:42 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-16 08:42 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-16 08:42 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-16 08:42 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-16 08:42 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-16 08:42 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-16 08:42 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-16 08:42 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-16 08:42 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-16 08:42 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-16 08:42 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-16 08:42 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-16 08:42 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-16 08:42 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-16 08:42 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-16 08:00 - 2014-02-20 15:39 - 00001191 _____ () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-02-15 19:04 - 2014-02-15 19:16 - 00032695 _____ () C:\Users\Mike\Documents\keys_aus_signatur.pptx
2014-02-15 15:26 - 2014-02-15 15:37 - 73247144 _____ () C:\Users\Mike\Downloads\jdk-6u45-windows-i586.exe
2014-02-14 23:06 - 2014-02-15 08:53 - 00039006 _____ () C:\Users\Mike\Documents\Zertifikatsdiensteanbieter.pptx
2014-02-14 20:45 - 2014-02-14 20:46 - 00001191 _____ () C:\Users\Mike\Documents\test.p7b
2014-02-14 13:21 - 2014-02-14 13:21 - 00041159 _____ () C:\Users\Mike\Documents\eSign Signierung.vsdx
2014-02-13 23:25 - 2014-02-13 23:25 - 00040479 _____ () C:\Users\Mike\Documents\eSign Schlüsselerzeugung.vsdx
2014-02-13 19:47 - 2014-02-13 19:51 - 00000328 _____ () C:\Users\Mike\Documents\PKI.TXT
2014-02-13 19:46 - 2014-02-14 14:54 - 00038520 _____ () C:\Users\Mike\Documents\PACE.vsdx
2014-02-13 19:23 - 2014-02-13 19:23 - 00018568 _____ () C:\Users\Mike\Documents\Zeichnung2.svg
2014-02-13 13:50 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 13:50 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 13:50 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 13:50 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 13:50 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 13:50 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 13:50 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 13:50 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 13:50 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 13:50 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 13:50 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 13:50 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 13:50 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 13:50 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 13:50 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 13:50 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 13:50 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 13:50 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 13:50 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 13:50 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 13:50 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 13:50 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 13:50 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 13:50 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 13:50 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 13:50 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 13:50 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 13:50 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 13:50 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 13:50 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 13:50 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 13:50 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 13:50 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 13:50 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 13:50 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 13:50 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 13:50 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 13:50 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 13:50 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 13:50 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 13:50 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 13:50 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 13:50 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 13:50 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 13:50 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 11:05 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 11:05 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 11:05 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 11:05 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 11:05 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 11:05 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 11:05 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 11:05 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 11:05 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 11:05 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 11:05 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 11:05 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 11:05 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 11:05 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 11:05 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 11:05 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 11:05 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 11:05 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 11:05 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 11:05 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 11:05 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 11:05 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 11:05 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 11:05 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-13 11:05 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 11:05 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ____D () C:\Users\Mike\Downloads\Vorlage2
2014-02-12 13:17 - 2014-02-12 13:46 - 00002120 _____ () C:\Users\Mike\Desktop\ba.txt
2014-02-12 12:54 - 2014-02-12 12:54 - 01165008 _____ () C:\Users\Mike\Downloads\GoogleCalendarSync_0.9.4.1_Installer.exe
2014-02-12 12:09 - 2014-02-12 13:02 - 00000000 ____D () C:\Users\Mike\Documents\Outlook-Dateien
2014-02-12 12:03 - 2014-02-12 12:03 - 00000000 ____D () C:\Users\Mike\Documents\Benutzerdefinierte Office-Vorlagen
2014-02-12 11:39 - 2014-02-12 11:39 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-02-12 11:38 - 2014-02-12 11:38 - 00575168 _____ (Microsoft Corporation) C:\Users\Mike\Downloads\Setup.X86.de-de_O365ProPlusRetail_214d81e8-d35f-4593-b8c6-1f0b73853d34_TX_PR_.exe
2014-02-12 08:50 - 2014-02-12 08:50 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\MiKTeX
2014-02-12 08:49 - 2014-02-12 08:49 - 00000000 ____D () C:\Users\Mike\AppData\Local\MiKTeX
2014-02-12 08:45 - 2014-02-12 12:34 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\xm1
2014-02-12 08:45 - 2014-02-12 08:45 - 00000000 ____D () C:\Users\Mike\Downloads\Vorlage
2014-02-12 08:37 - 2014-02-12 08:37 - 00001001 _____ () C:\Users\Mike\Desktop\Texmaker.lnk
2014-02-12 08:37 - 2014-02-12 08:37 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
2014-02-12 08:37 - 2014-02-12 08:37 - 00000000 ____D () C:\Program Files (x86)\Texmaker
2014-02-12 08:32 - 2014-02-12 08:32 - 00000000 ____D () C:\ProgramData\MiKTeX
2014-02-11 19:24 - 2014-02-11 19:26 - 12631003 _____ (The TeXnicCenter Team ) C:\Users\Mike\Downloads\TXCSetup_2.02Stable_x64.exe
2014-02-11 16:15 - 2014-02-11 16:15 - 00264917 _____ () C:\Users\Mike\Downloads\Vorlage2.zip
2014-02-11 16:14 - 2014-02-11 16:15 - 02626617 _____ () C:\Users\Mike\Downloads\hgb-thesis-utf-20130517.zip
2014-02-11 10:00 - 2014-02-11 10:00 - 00000000 ____D () C:\Users\Mike\Downloads\jquery-ui-1.10.4
2014-02-11 09:59 - 2014-02-11 10:00 - 03026247 _____ () C:\Users\Mike\Downloads\jquery-ui-1.10.4.zip
2014-02-11 08:47 - 2014-02-11 08:47 - 00265732 _____ () C:\Users\Mike\Downloads\font-awesome-4.0.3.zip
2014-02-11 08:47 - 2014-02-11 08:47 - 00000000 ____D () C:\Users\Mike\Downloads\font-awesome-4.0.3
2014-02-10 22:57 - 2014-02-10 22:57 - 00000000 ____D () C:\Users\Mike\Downloads\jquery.mobile-1.4.0
2014-02-10 22:56 - 2014-02-10 22:57 - 07752055 _____ () C:\Users\Mike\Downloads\jquery.mobile-1.4.0.zip
2014-02-09 22:56 - 2014-02-09 22:56 - 00000000 ____D () C:\Users\Mike\Downloads\tinymce_4.0.16_jquery
2014-02-09 22:55 - 2014-02-09 22:55 - 00280017 _____ () C:\Users\Mike\Downloads\tinymce_4.0.16_jquery.zip
2014-02-09 22:18 - 2014-02-09 22:18 - 00000000 ____D () C:\Users\Mike\Downloads\elFinder-2.x
2014-02-09 22:13 - 2014-02-09 22:13 - 01284517 _____ () C:\Users\Mike\Downloads\elFinder-2.x.zip
2014-02-05 12:17 - 2014-02-12 12:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-05 00:31 - 2014-02-05 00:32 - 03997793 _____ () C:\Users\Mike\Downloads\ClanSphere-2011.4.3.zip
2014-02-04 17:15 - 2014-02-04 17:15 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\FileOpen
2014-02-04 17:15 - 2014-02-04 17:15 - 00000000 ____D () C:\ProgramData\FileOpen
2014-02-04 17:12 - 2014-02-04 17:12 - 00000000 ____D () C:\Program Files\FileOpen
2014-02-04 17:12 - 2014-02-04 17:12 - 00000000 ____D () C:\Program Files (x86)\FileOpen
2014-02-04 17:11 - 2014-02-04 17:11 - 02707456 _____ () C:\Users\Mike\Downloads\FileOpenInstaller64.msi
2014-02-04 06:59 - 2014-02-04 06:59 - 00000000 ____D () C:\Users\Mike\Downloads\infotooltip
2014-02-04 06:59 - 2014-02-04 06:59 - 00000000 ____D () C:\Users\Mike\Downloads\eq2
2014-02-03 21:58 - 2014-02-03 21:58 - 01819689 _____ () C:\Users\Mike\Downloads\eq2.zip
2014-02-03 21:58 - 2014-02-03 21:58 - 00034930 _____ () C:\Users\Mike\Downloads\infotooltip.zip
2014-02-02 09:42 - 2014-02-02 09:51 - 59694592 _____ () C:\Users\Mike\Downloads\AKS_v1.0.ppt
2014-02-01 13:29 - 2014-02-01 13:30 - 00000000 ____D () C:\Program Files (x86)\gnucash
2014-02-01 09:50 - 2014-02-01 10:01 - 74983053 _____ (GnuCash Development Team ) C:\Users\Mike\Downloads\gnucash-2.6.1-setup.exe
2014-01-30 17:50 - 2014-02-02 13:51 - 00000000 ____D () C:\Users\Mike\Downloads\jquery.socialshareprivacy
2014-01-30 17:47 - 2014-01-30 17:47 - 00150728 _____ () C:\Users\Mike\Downloads\jquery.socialshareprivacy.zip
2014-01-30 10:33 - 2014-01-30 10:33 - 00866712 _____ () C:\Users\Mike\Downloads\Übung 04.zip
2014-01-30 10:33 - 2014-01-30 10:33 - 00135722 _____ () C:\Users\Mike\Downloads\resExercise7.zip
2014-01-29 09:12 - 2014-01-29 09:12 - 00001105 _____ () C:\Users\Public\Desktop\StreamTransport.lnk
2014-01-29 09:12 - 2014-01-29 09:12 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-01-29 09:08 - 2014-01-29 09:09 - 01949695 _____ (hxxp://www.streamtransport.com/ ) C:\Users\Mike\Downloads\streamtransport_1102setup.exe
2014-01-28 18:34 - 2014-01-28 18:34 - 00000000 ____D () C:\Users\Mike\Downloads\win32diskimager-v0.9-binary
2014-01-28 18:33 - 2014-01-28 18:34 - 05673469 _____ () C:\Users\Mike\Downloads\win32diskimager-v0.9-binary.zip
2014-01-28 17:56 - 2014-01-28 17:57 - 06720334 _____ (Ansgar Becker ) C:\Users\Mike\Downloads\HeidiSQL_8.3.0.4694_Setup.exe

==================== One Month Modified Files and Folders =======

2014-02-26 06:44 - 2014-02-26 06:36 - 00039067 _____ () C:\Users\Mike\Downloads\FRST.txt
2014-02-26 06:44 - 2014-02-26 06:36 - 00000000 ____D () C:\FRST
2014-02-26 06:42 - 2014-02-26 06:31 - 00000472 _____ () C:\Users\Mike\Downloads\defogger_disable.log
2014-02-26 06:41 - 2013-01-16 18:54 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Skype
2014-02-26 06:39 - 2013-01-16 08:16 - 00001146 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-321065253-2983475057-385218367-1001UA.job
2014-02-26 06:38 - 2013-10-19 10:40 - 01454884 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-26 06:37 - 2013-10-19 10:51 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\ClassicShell
2014-02-26 06:33 - 2013-02-22 15:25 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Nettalk
2014-02-26 06:32 - 2014-02-26 06:32 - 02155520 _____ (Farbar) C:\Users\Mike\Downloads\FRST64.exe
2014-02-26 06:32 - 2014-02-26 06:32 - 00197340 _____ () C:\Users\Mike\Downloads\OTL.Txt
2014-02-26 06:31 - 2014-02-26 06:31 - 00000000 _____ () C:\Users\Mike\defogger_reenable
2014-02-26 06:31 - 2013-10-19 10:27 - 00000000 ____D () C:\Users\Mike
2014-02-26 06:30 - 2014-02-26 06:30 - 00050477 _____ () C:\Users\Mike\Downloads\Defogger.exe
2014-02-26 06:30 - 2013-01-16 08:50 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-26 06:27 - 2014-02-26 06:27 - 00380416 _____ () C:\Users\Mike\Downloads\qoicz3c4.exe
2014-02-26 06:22 - 2014-02-26 06:22 - 00602112 _____ (OldTimer Tools) C:\Users\Mike\Downloads\OTL.exe
2014-02-26 06:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-26 00:24 - 2013-01-15 19:15 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-321065253-2983475057-385218367-1001
2014-02-26 00:16 - 2014-02-26 00:16 - 00021083 _____ () C:\Users\Mike\Downloads\hijackthis.log
2014-02-26 00:15 - 2014-02-26 00:15 - 00388608 _____ (Trend Micro Inc.) C:\Users\Mike\Downloads\HiJackThis204.exe
2014-02-26 00:10 - 2014-02-26 00:10 - 00000000 ____D () C:\ProgramData\Licenses
2014-02-26 00:07 - 2014-02-26 00:05 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-02-26 00:06 - 2014-02-26 00:06 - 00000000 ____D () C:\Users\Mike\Documents\Simply Super Software
2014-02-26 00:06 - 2014-02-26 00:06 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Simply Super Software
2014-02-26 00:05 - 2014-02-26 00:05 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-02-26 00:05 - 2014-02-26 00:02 - 21407864 _____ (Simply Super Software ) C:\Users\Mike\Downloads\trjsetup690.exe
2014-02-26 00:03 - 2014-01-10 09:07 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-26 00:00 - 2013-01-16 08:53 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Dropbox
2014-02-25 20:02 - 2014-02-25 08:42 - 00133611 _____ () C:\Users\Mike\Documents\Der neue Personalausweis als Teil einer PKI.pptx
2014-02-25 19:12 - 2014-02-25 19:12 - 00002138 _____ () C:\Users\Public\Desktop\Belarc Advisor.lnk
2014-02-25 19:12 - 2014-02-25 19:12 - 00000000 ____D () C:\Program Files (x86)\Belarc
2014-02-25 19:12 - 2014-02-25 19:11 - 03152736 _____ () C:\Users\Mike\Downloads\advisorinstaller.exe
2014-02-25 19:07 - 2014-02-25 19:07 - 00007621 _____ () C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
2014-02-25 18:01 - 2013-01-17 11:29 - 00000600 _____ () C:\Users\Mike\AppData\Roaming\winscp.rnd
2014-02-25 17:43 - 2014-02-25 17:43 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-02-25 17:43 - 2014-02-25 17:43 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-02-25 17:43 - 2014-02-25 17:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-25 17:43 - 2014-02-25 17:05 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-25 17:36 - 2013-01-20 11:32 - 00000000 ____D () C:\Users\Mike\.gimp-2.8
2014-02-25 16:59 - 2013-09-30 05:14 - 01989052 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-25 16:59 - 2013-09-30 04:58 - 00852678 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-25 16:59 - 2013-09-30 04:58 - 00195918 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-25 16:18 - 2014-02-25 16:18 - 01243588 _____ () C:\Users\Mike\Downloads\ProcessExplorer(1).zip
2014-02-25 11:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-25 08:39 - 2013-01-16 08:16 - 00002415 _____ () C:\Users\Mike\Desktop\Google Chrome.lnk
2014-02-25 08:39 - 2013-01-16 08:16 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-321065253-2983475057-385218367-1001Core.job
2014-02-24 20:06 - 2014-02-24 20:06 - 00056375 _____ () C:\Users\Mike\Downloads\natdin.bst
2014-02-24 20:06 - 2014-02-24 20:06 - 00000477 _____ () C:\Users\Mike\Downloads\natbib.cfg
2014-02-24 17:52 - 2014-02-24 17:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-24 17:41 - 2014-02-24 17:41 - 00000977 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-24 17:40 - 2014-02-24 17:40 - 01141680 _____ () C:\Users\Mike\Downloads\SteamSetup.exe
2014-02-23 14:17 - 2014-02-23 14:17 - 00010240 _____ () C:\Users\Mike\Downloads\com.artistadd.style.simpleblue.tar
2014-02-22 21:33 - 2014-02-21 11:13 - 00093368 _____ () C:\Users\Mike\Documents\pace.pptx
2014-02-22 10:18 - 2013-01-29 21:10 - 00000600 _____ () C:\Users\Mike\AppData\Local\PUTTY.RND
2014-02-21 11:51 - 2013-08-22 15:46 - 00315604 _____ () C:\WINDOWS\setupact.log
2014-02-21 09:45 - 2013-01-20 11:29 - 00126784 _____ () C:\Users\Mike\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-20 23:30 - 2013-01-16 08:50 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-20 20:05 - 2014-01-10 09:07 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-02-20 17:23 - 2013-04-19 13:47 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Juniper Networks
2014-02-20 17:23 - 2013-04-19 13:47 - 00000000 ____D () C:\Program Files (x86)\Juniper Networks
2014-02-20 17:18 - 2013-01-16 20:52 - 00000000 ____D () C:\Users\Mike\AppData\Local\TSVNCache
2014-02-20 17:18 - 2013-01-15 19:10 - 00000401 _____ () C:\Users\Mike\AppData\Roaming\sp_data.sys
2014-02-20 17:10 - 2013-12-30 08:05 - 00000000 ____D () C:\Program Files (x86)\NoteBook FanControl
2014-02-20 17:09 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-20 17:09 - 2013-03-21 10:41 - 00000000 ____D () C:\ProgramData\VMware
2014-02-20 17:08 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-20 17:08 - 2013-01-15 13:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-20 17:01 - 2014-02-20 17:01 - 00000000 ____D () C:\Users\Mike\AppData\Local\Sophos
2014-02-20 17:00 - 2014-02-20 17:00 - 01372496 _____ () C:\Users\Mike\Downloads\sslvpn_inst_hoa33795@vpnendpoint.hs-regensburg.de(1).exe
2014-02-20 17:00 - 2014-02-20 17:00 - 00133344 _____ () C:\Users\Mike\Downloads\sslvpn_conf_hoa33795@vpnendpoint.hs-regensburg.de.exe
2014-02-20 17:00 - 2014-02-20 17:00 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-02-20 17:00 - 2014-02-20 17:00 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-02-20 15:39 - 2014-02-16 08:00 - 00001191 _____ () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-02-20 10:10 - 2014-02-20 10:10 - 00015825 _____ () C:\Users\Mike\Downloads\english_2.0(1).zip
2014-02-20 09:52 - 2013-04-05 15:37 - 00000000 ____D () C:\Users\Mike\AppData\Local\Eclipse
2014-02-20 09:20 - 2014-02-20 09:20 - 00005299 _____ () C:\Users\Mike\Downloads\english_2.0.zip
2014-02-20 08:00 - 2014-02-20 08:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-18 10:26 - 2014-02-18 10:26 - 00004453 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel
2014-02-18 10:26 - 2013-08-28 22:14 - 00000000 ____D () C:\Users\Mike\AppData\Local\gtk-2.0
2014-02-18 08:22 - 2013-02-08 15:59 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\FileZilla
2014-02-17 22:00 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 22:00 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 13:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-17 07:50 - 2013-01-15 19:10 - 00000000 ___RD () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-17 07:50 - 2013-01-15 19:10 - 00000000 ___RD () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-17 07:49 - 2013-09-29 20:05 - 00088022 _____ () C:\WINDOWS\PFRO.log
2014-02-17 07:49 - 2013-08-22 15:44 - 00498432 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-17 07:48 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-17 07:48 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-17 07:48 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-17 07:48 - 2013-07-15 18:47 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-17 07:47 - 2013-01-15 14:12 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-16 13:41 - 2013-01-15 13:39 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Mozilla
2014-02-16 13:37 - 2013-11-11 12:50 - 00000000 ____D () C:\Users\Mike\.ausweisapp
2014-02-16 13:02 - 2014-02-16 13:02 - 00000000 ____D () C:\Users\Mike\.m2
2014-02-16 13:00 - 2013-01-16 08:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-16 08:34 - 2013-01-16 08:16 - 00004094 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-321065253-2983475057-385218367-1001UA
2014-02-16 08:34 - 2013-01-16 08:16 - 00003714 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-321065253-2983475057-385218367-1001Core
2014-02-15 23:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-15 23:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-15 23:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-15 19:16 - 2014-02-15 19:04 - 00032695 _____ () C:\Users\Mike\Documents\keys_aus_signatur.pptx
2014-02-15 15:37 - 2014-02-15 15:26 - 73247144 _____ () C:\Users\Mike\Downloads\jdk-6u45-windows-i586.exe
2014-02-15 08:53 - 2014-02-14 23:06 - 00039006 _____ () C:\Users\Mike\Documents\Zertifikatsdiensteanbieter.pptx
2014-02-14 20:47 - 2013-01-16 08:45 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Notepad++
2014-02-14 20:46 - 2014-02-14 20:45 - 00001191 _____ () C:\Users\Mike\Documents\test.p7b
2014-02-14 18:48 - 2013-01-19 09:42 - 00737792 ___SH () C:\Users\Mike\Documents\Thumbs.db
2014-02-14 14:54 - 2014-02-13 19:46 - 00038520 _____ () C:\Users\Mike\Documents\PACE.vsdx
2014-02-14 14:07 - 2013-01-26 12:11 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\KeePass
2014-02-14 14:07 - 2013-01-19 09:42 - 00009070 _____ () C:\Users\Mike\Documents\Database.kdbx
2014-02-14 13:21 - 2014-02-14 13:21 - 00041159 _____ () C:\Users\Mike\Documents\eSign Signierung.vsdx
2014-02-13 23:25 - 2014-02-13 23:25 - 00040479 _____ () C:\Users\Mike\Documents\eSign Schlüsselerzeugung.vsdx
2014-02-13 19:51 - 2014-02-13 19:47 - 00000328 _____ () C:\Users\Mike\Documents\PKI.TXT
2014-02-13 19:23 - 2014-02-13 19:23 - 00018568 _____ () C:\Users\Mike\Documents\Zeichnung2.svg
2014-02-12 23:25 - 2013-01-16 08:50 - 00004108 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 23:25 - 2013-01-16 08:50 - 00003872 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ____D () C:\Users\Mike\Downloads\Vorlage2
2014-02-12 15:52 - 2013-06-17 13:31 - 00000000 ____D () C:\Users\Mike\AppData\Local\TGitCache
2014-02-12 13:46 - 2014-02-12 13:17 - 00002120 _____ () C:\Users\Mike\Desktop\ba.txt
2014-02-12 13:02 - 2014-02-12 12:09 - 00000000 ____D () C:\Users\Mike\Documents\Outlook-Dateien
2014-02-12 12:57 - 2013-01-16 08:50 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-12 12:57 - 2013-01-16 08:16 - 00000000 ____D () C:\Users\Mike\AppData\Local\Google
2014-02-12 12:54 - 2014-02-12 12:54 - 01165008 _____ () C:\Users\Mike\Downloads\GoogleCalendarSync_0.9.4.1_Installer.exe
2014-02-12 12:34 - 2014-02-12 08:45 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\xm1
2014-02-12 12:12 - 2014-02-05 12:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-12 12:03 - 2014-02-12 12:03 - 00000000 ____D () C:\Users\Mike\Documents\Benutzerdefinierte Office-Vorlagen
2014-02-12 11:39 - 2014-02-12 11:39 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-02-12 11:38 - 2014-02-12 11:38 - 00575168 _____ (Microsoft Corporation) C:\Users\Mike\Downloads\Setup.X86.de-de_O365ProPlusRetail_214d81e8-d35f-4593-b8c6-1f0b73853d34_TX_PR_.exe
2014-02-12 08:50 - 2014-02-12 08:50 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\MiKTeX
2014-02-12 08:49 - 2014-02-12 08:49 - 00000000 ____D () C:\Users\Mike\AppData\Local\MiKTeX
2014-02-12 08:45 - 2014-02-12 08:45 - 00000000 ____D () C:\Users\Mike\Downloads\Vorlage
2014-02-12 08:41 - 2013-04-05 15:36 - 00000000 ____D () C:\Users\Mike\Documents\EclipseProjects
2014-02-12 08:37 - 2014-02-12 08:37 - 00001001 _____ () C:\Users\Mike\Desktop\Texmaker.lnk
2014-02-12 08:37 - 2014-02-12 08:37 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
2014-02-12 08:37 - 2014-02-12 08:37 - 00000000 ____D () C:\Program Files (x86)\Texmaker
2014-02-12 08:37 - 2013-04-21 07:03 - 00000912 _____ () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eclipse.lnk
2014-02-12 08:32 - 2014-02-12 08:32 - 00000000 ____D () C:\ProgramData\MiKTeX
2014-02-11 19:26 - 2014-02-11 19:24 - 12631003 _____ (The TeXnicCenter Team ) C:\Users\Mike\Downloads\TXCSetup_2.02Stable_x64.exe
2014-02-11 16:15 - 2014-02-11 16:15 - 00264917 _____ () C:\Users\Mike\Downloads\Vorlage2.zip
2014-02-11 16:15 - 2014-02-11 16:14 - 02626617 _____ () C:\Users\Mike\Downloads\hgb-thesis-utf-20130517.zip
2014-02-11 10:00 - 2014-02-11 10:00 - 00000000 ____D () C:\Users\Mike\Downloads\jquery-ui-1.10.4
2014-02-11 10:00 - 2014-02-11 09:59 - 03026247 _____ () C:\Users\Mike\Downloads\jquery-ui-1.10.4.zip
2014-02-11 08:47 - 2014-02-11 08:47 - 00265732 _____ () C:\Users\Mike\Downloads\font-awesome-4.0.3.zip
2014-02-11 08:47 - 2014-02-11 08:47 - 00000000 ____D () C:\Users\Mike\Downloads\font-awesome-4.0.3
2014-02-10 22:57 - 2014-02-10 22:57 - 00000000 ____D () C:\Users\Mike\Downloads\jquery.mobile-1.4.0
2014-02-10 22:57 - 2014-02-10 22:56 - 07752055 _____ () C:\Users\Mike\Downloads\jquery.mobile-1.4.0.zip
2014-02-09 22:56 - 2014-02-09 22:56 - 00000000 ____D () C:\Users\Mike\Downloads\tinymce_4.0.16_jquery
2014-02-09 22:55 - 2014-02-09 22:55 - 00280017 _____ () C:\Users\Mike\Downloads\tinymce_4.0.16_jquery.zip
2014-02-09 22:18 - 2014-02-09 22:18 - 00000000 ____D () C:\Users\Mike\Downloads\elFinder-2.x
2014-02-09 22:13 - 2014-02-09 22:13 - 01284517 _____ () C:\Users\Mike\Downloads\elFinder-2.x.zip
2014-02-06 14:15 - 2013-01-17 18:36 - 17043968 ___SH () C:\Users\Mike\Downloads\Thumbs.db
2014-02-06 13:16 - 2014-02-13 13:50 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 13:50 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 13:50 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 13:50 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 13:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 13:50 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 13:50 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 13:50 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 11:49 - 2014-02-13 13:50 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 13:50 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 13:50 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 13:50 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 13:50 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 13:50 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 13:50 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 13:50 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 13:50 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 13:50 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 13:50 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 13:50 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 13:50 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 13:50 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 13:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 10:47 - 2014-02-13 13:50 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 13:50 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 13:50 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 13:50 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 13:50 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 13:50 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 13:50 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 13:50 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 13:50 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 13:50 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 13:50 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 13:50 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 13:50 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 13:50 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 00:32 - 2014-02-05 00:31 - 03997793 _____ () C:\Users\Mike\Downloads\ClanSphere-2011.4.3.zip
2014-02-04 17:15 - 2014-02-04 17:15 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\FileOpen
2014-02-04 17:15 - 2014-02-04 17:15 - 00000000 ____D () C:\ProgramData\FileOpen
2014-02-04 17:12 - 2014-02-04 17:12 - 00000000 ____D () C:\Program Files\FileOpen
2014-02-04 17:12 - 2014-02-04 17:12 - 00000000 ____D () C:\Program Files (x86)\FileOpen
2014-02-04 17:11 - 2014-02-04 17:11 - 02707456 _____ () C:\Users\Mike\Downloads\FileOpenInstaller64.msi
2014-02-04 06:59 - 2014-02-04 06:59 - 00000000 ____D () C:\Users\Mike\Downloads\infotooltip
2014-02-04 06:59 - 2014-02-04 06:59 - 00000000 ____D () C:\Users\Mike\Downloads\eq2
2014-02-03 21:58 - 2014-02-03 21:58 - 01819689 _____ () C:\Users\Mike\Downloads\eq2.zip
2014-02-03 21:58 - 2014-02-03 21:58 - 00034930 _____ () C:\Users\Mike\Downloads\infotooltip.zip
2014-02-02 13:51 - 2014-01-30 17:50 - 00000000 ____D () C:\Users\Mike\Downloads\jquery.socialshareprivacy
2014-02-02 09:51 - 2014-02-02 09:42 - 59694592 _____ () C:\Users\Mike\Downloads\AKS_v1.0.ppt
2014-02-02 07:52 - 2013-10-16 23:16 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-02 07:51 - 2014-01-09 11:25 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-02-02 07:51 - 2013-01-15 13:33 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-02-02 07:51 - 2013-01-15 13:33 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-02-02 07:51 - 2013-01-15 13:33 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-02-02 07:51 - 2013-01-15 13:33 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-02-02 07:51 - 2013-01-15 13:33 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-02-02 07:51 - 2013-01-15 13:26 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-02-01 13:30 - 2014-02-01 13:29 - 00000000 ____D () C:\Program Files (x86)\gnucash
2014-02-01 10:01 - 2014-02-01 09:50 - 74983053 _____ (GnuCash Development Team ) C:\Users\Mike\Downloads\gnucash-2.6.1-setup.exe
2014-01-30 19:41 - 2014-01-13 16:11 - 00019030 _____ () C:\Users\Mike\Downloads\feiertage.ics
2014-01-30 17:47 - 2014-01-30 17:47 - 00150728 _____ () C:\Users\Mike\Downloads\jquery.socialshareprivacy.zip
2014-01-30 10:33 - 2014-01-30 10:33 - 00866712 _____ () C:\Users\Mike\Downloads\Übung 04.zip
2014-01-30 10:33 - 2014-01-30 10:33 - 00135722 _____ () C:\Users\Mike\Downloads\resExercise7.zip
2014-01-29 09:22 - 2013-01-17 09:33 - 00000000 ____D () C:\Users\Mike\AppData\Local\Adobe
2014-01-29 09:12 - 2014-01-29 09:12 - 00001105 _____ () C:\Users\Public\Desktop\StreamTransport.lnk
2014-01-29 09:12 - 2014-01-29 09:12 - 00000000 ____D () C:\Program Files (x86)\StreamTransport
2014-01-29 09:09 - 2014-01-29 09:08 - 01949695 _____ (hxxp://www.streamtransport.com/ ) C:\Users\Mike\Downloads\streamtransport_1102setup.exe
2014-01-28 18:42 - 2013-10-19 17:41 - 00000000 ____D () C:\WINDOWS\Minidump
2014-01-28 18:34 - 2014-01-28 18:34 - 00000000 ____D () C:\Users\Mike\Downloads\win32diskimager-v0.9-binary
2014-01-28 18:34 - 2014-01-28 18:33 - 05673469 _____ () C:\Users\Mike\Downloads\win32diskimager-v0.9-binary.zip
2014-01-28 17:57 - 2014-01-28 17:56 - 06720334 _____ (Ansgar Becker ) C:\Users\Mike\Downloads\HeidiSQL_8.3.0.4694_Setup.exe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


Some content of TEMP:
====================
C:\Users\Mike\AppData\Local\Temp\JuniperSetupClientInstaller.exe
C:\Users\Mike\AppData\Local\Temp\neoNCSetup64.exe
C:\Users\Mike\AppData\Local\Temp\npp.6.5.2.Installer.exe
C:\Users\Mike\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Mike\AppData\Local\Temp\ose00000.exe
C:\Users\Mike\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Mike\AppData\Local\Temp\_is1957.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-20 20:21

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 26.02.2014, 09:18   #4
Amazan
 
Windows 8.1: Vermute Trojaner Infektion - Standard

Windows 8.1: Vermute Trojaner Infektion



Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2014
Ran by Mike at 2014-02-26 06:45:36
Running from C:\Users\Mike\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AusweisApp (HKLM-x32\...\{6E2E92F9-A81B-426F-8F35-4F3718A7D0AF}) (Version: 1.11.0 - OpenLimit SignCubes AG)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
CodeBlocks (HKCU\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)
Cyberduck 4.4.3 (14140) (HKLM-x32\...\Cyberduck) (Version: 4.4.3 (14140) - )
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
Debugging Tools for Windows (HKLM-x32\...\{1C943495-B69F-4D41-AE0E-23C57ECD90EE}) (Version: 6.4.7.2 - Microsoft Corporation)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{CD3C2621-B611-4A30-BB37-81CA880AB895}) (Version:  - Microsoft)
DisplayLink Core Software (HKLM\...\{85ACB5CB-6321-4CEC-BB16-E9FEC59598AD}) (Version: 7.5.52874.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{FD83C8EB-EAD5-424F-BC36-1A3DF91F1E5F}) (Version: 7.5.52889.0 - DisplayLink Corp.)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{47AA145C-1698-4C76-A15B-23730399A423}) (Version: 11.1.21009.00 - Microsoft Corporation)
EPSON PX830 Series Printer Uninstall (HKLM\...\EPSON PX830 Series) (Version:  - SEIKO EPSON Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
Evernote v. 4.6.6 (HKLM-x32\...\{6146B9DC-C33D-11E2-BDE1-984BE15F174E}) (Version: 4.6.6.8360 - Evernote Corp.)
FileOpen Client (x64) B928 (HKLM\...\{3ED9A79B-1419-4C5F-BA88-EFD6F180EBE5}) (Version: 3.0.95.928 - FileOpen Systems, Inc.)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Free YouTube to MP3 Converter version 3.12.8.717 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.8.717 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 1.0.48.0 - GitHub, Inc.)
GnuCash 2.6.1 (HKLM-x32\...\GnuCash_is1) (Version:  - GnuCash Development Team)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version:  - )
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{41101F0C-DBD9-321C-A6B1-E0689B495A4E}) (Version: 5.1.4.17398 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version:  - Ansgar Becker)
HeidiSQL 8.1.0.4545 (HKLM-x32\...\HeidiSQL_is1) (Version: 8.1 - Ansgar Becker)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.5.1080 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{89D2FA50-6002-4AFB-8586-3E38B355E891}) (Version: 15.05.2000.1462 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
Java(TM) 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 6 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160450}) (Version: 1.6.0.450 - Oracle)
JDiskReport 1.4.0 (HKLM-x32\...\JDiskReport 1.4.0) (Version: 1.4.0 (2012-01-20 11:38:43) - JGoodies Karsten Lentzsch)
jdkp (HKCU\...\jdkp) (Version:  - EQDKP Plus)
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
Juniper Installer Service (HKLM-x32\...\SetupService) (Version: 7.1.0.18671 - Juniper Networks)
Juniper Networks Network Connect 7.1.0 (HKLM-x32\...\Juniper Network Connect 7.1.0) (Version: 7.1.0.18671 - Juniper Networks)
Juniper Networks Network Connect 7.1.14 (HKLM-x32\...\Juniper Network Connect 7.1.14) (Version: 7.1.14.23943 - Juniper Networks)
Juniper Networks Network Connect 7.4.0 (HKLM-x32\...\Juniper Network Connect 7.4.0) (Version: 7.4.0.28485 - Juniper Networks)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.4.8.42127 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
KeePass Password Safe 2.20.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version:  - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Gaming Software (Version: 8.40.83 - Logitech Inc.) Hidden
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0 - Logitech) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20715.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.60418.17931 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{8EA792A5-38AA-4F0E-8DFE-D1BAF1145431}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visio MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visio Professional 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{cb41fc68-4442-4f7f-b22f-8f31c74897ac}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero BackItUp (x32 Version: 12.5.11000 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20064 - Nero AG) Hidden
Nero BurnRights (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero BurnRights Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.23400 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 12.0.11000 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden
Nero DiscSpeed 11 (x32 Version: 7.0.10400.2.100 - Nero AG) Hidden
Nero DiscSpeed Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero Express (x32 Version: 12.5.7000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero InfoTool (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero InfoTool Help (CHM) (x32 Version: 12.0.0002 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.22.3600 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}) (Version: 12.0.01000 - Nero AG)
Nero SharedVideoCodecs (x32 Version: 1.0.15005 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden
Nero12EssTSST (HKLM-x32\...\{1DEC64C1-7F34-44CD-BC35-8E0A096300CF}) (Version: 12.0.01100 - Nero AG)
NetBeans IDE 7.3 (HKLM\...\nbi-nb-base-7.3.0.0.201302132200) (Version: 7.3 - NetBeans.org)
Nettalk 6.7 (HKLM-x32\...\Nettalk_is1) (Version:  - Nicolas Kruse)
NoteBook FanControl (HKLM-x32\...\{f2f2fd85-b6d2-4201-8978-6180eab841b9}) (Version: 1.0.0.0 - Stefan Hirschmann - StagWare)
NoteBook FanControl (x32 Version: 1.0.0.0 - Stefan Hirschmann - StagWare) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Opera 12.15 (HKLM\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
Opera Stable 16.0.1196.73 (HKLM-x32\...\Opera 16.0.1196.73) (Version: 16.0.1196.73 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.1 - pdfforge)
Pencil (HKLM-x32\...\Pencil) (Version:  - Evolus Co., Ltd.)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PuTTY version 0.62 (HKLM-x32\...\PuTTY_is1) (Version: 0.62 - Simon Tatham)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6710 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Scansoft PDF Professional (x32 Version:  - ) Hidden
Scribus 1.4.3 (64bit) (HKLM\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team)
SecCommerce SecSigner 3.6 (HKLM\...\SecCommerce SecSigner) (Version: 3.6 - SecCommerce Informationssysteme GmbH)
Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Secure Download Manager (HKLM-x32\...\{E98D115E-D621-4723-8AF0-147BADA9A466}) (Version: 3.1.40 - Kivuto Solutions Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{873D2AAE-0002-4845-BDF4-AB00E6A37C27}) (Version: 6.5 - Silicon Laboratories, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sophos SSL VPN Client 2.1 (HKLM-x32\...\Sophos SSL VPN Client) (Version: 2.1 - )
SourceTree (x32 Version: 0.9.4 - Atlassian) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
StreamTransport version: 1.1.0.2 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
tools-linux (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
TortoiseGit 1.8.3.0 (64 bit) (HKLM\...\{C39D5E7E-0CA3-4090-AAE3-9F7F4D5D567A}) (Version: 1.8.3.0 - TortoiseGit)
TortoiseSVN 1.8.4.24972 (64 bit) (HKLM\...\{A2EFDE01-96B3-4E55-8834-81617ED6BCBE}) (Version: 1.8.24972 - TortoiseSVN)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Trojan Remover 6.9.1.2929 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2929 - Simply Super Software)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.VISPROR_{49893259-C896-4972-9B6C-6B75790945F1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{BCD0EA38-A8FB-4F3D-B04E-DFFB38BC7849}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{9E03AB38-EF60-4DE6-92FB-656E23403BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.VISPROR_{65D789FD-9118-45AF-8DE4-F49F358A8525}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.VISPROR_{65D789FD-9118-45AF-8DE4-F49F358A8525}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{7E8D777B-BD75-480D-AC03-AF9C3D83CDBF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.VISPROR_{B9DB28D9-15D0-4DDE-A123-C9B82AC9A579}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{BC369230-B0E0-4BB0-82D6-E93196060BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{FD782270-0456-4B87-AC5E-C6EE2D063C48}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{C5CF8938-646A-41A5-A4E6-6EEE4205CBA4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.VISPROR_{08F8B8BC-97B5-4110-8FC1-A840DEAD0DF9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.VISPROR_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.VISPROR_{E11A0DDD-9F6D-49C6-8F02-850D44DD7639}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.VISPROR_{A1416C8A-2BA0-43D0-BCD5-C6C29D029327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{079FC22A-639F-4690-8512-F54DCD8493C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{13A97DC6-1E49-40B1-94E6-EB4CC3087607}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{13A97DC6-1E49-40B1-94E6-EB4CC3087607}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{C89EE024-ECC9-43EB-9D6A-52AB9B73ED63}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.VISPROR_{EBEB9885-E941-44AB-960A-FE4970ACB1F1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{2982593C-B10B-4757-A58A-7926ED063448}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{0AA960ED-0F9A-42EC-B9F4-52A104EB954D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{0AA960ED-0F9A-42EC-B9F4-52A104EB954D}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{FA115DB4-AD0A-4C2B-8713-DB15275B7426}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{3EF35AB5-21A1-4858-97BB-E4CF1ECF3736}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{DFC72135-28F1-48CD-B39A-AD28ED0AFEF5}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{00ADF78E-D103-44D9-93FC-4E0B4255DF61}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.VISPROR_{A499C133-698D-430B-970B-E5E2ABB28930}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (HKLM-x32\...\{90150000-0054-0407-0000-0000000FF1CE}_Office15.VISPROR_{2FEF519A-1724-4682-8706-17171BF45C62}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{166909FC-6736-4EE5-9491-1BF9A4EE84E7}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{9CEFDC22-A298-451A-905E-28E42B90A563}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version:  - )
USB3 Hub FW Upgrade Tool version 2.0 (HKLM-x32\...\USB3 Hub FW Upgrade Tool_is1) (Version: 2.0 - )
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9201.20602 - Microsoft Corporation) Hidden
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
VueScan (HKLM-x32\...\VueScan) (Version:  - )
VueScan x64 (HKLM\...\VueScan x64) (Version:  - )
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Windows-Treiberpaket - ASUS (ATP) Mouse  (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.1.6 (HKLM-x32\...\winscp3_is1) (Version: 5.1.6 - Martin Prikryl)
XAMPP 1.8.1 (HKLM-x32\...\xampp) (Version:  - )
XCA (remove only) (HKLM-x32\...\xca) (Version:  - )
ZOC Terminal 6.4 (HKLM-x32\...\ZOC6) (Version: 6.45 - EmTec Innovative Software)

==================== Restore Points  =========================

19-02-2014 11:59:49 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-05-01 10:12 - 2014-02-22 21:33 - 00000868 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 srv.local
127.0.0.1 wow.local


==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {15EA297C-3F61-418C-A5BA-2F333B5AFDE1} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2014-02-26] ()
Task: {1A51819E-6174-44D8-9CB3-12B3530EDA67} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2AB52A16-D90D-4A4B-A5DF-61C177A68894} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {46544926-7417-4B14-95BC-F0B34DB205DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-02-12] (Microsoft Corporation)
Task: {47B61593-5994-4AAC-A452-2DD3E1E5FFCB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4A2F720F-5C55-4A8D-A14F-B13C85FC7462} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {5C5DAB92-2D8F-4062-B012-BDB4D75DA84A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-02-12] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {7012576E-EDC7-4931-A3A7-9646A8C6729D} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
Task: {719B62E6-E1F1-4BD3-A432-004510C188EE} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {7607047D-2D49-488E-9916-1453485A6CA5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-16] (Google Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CA05DA3-9B85-4D97-8D32-59DC220E7744} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-16] (Google Inc.)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8E68116E-F09D-4236-828C-A72C04682A39} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-02-12] (Microsoft Corporation)
Task: {970718C1-AE6D-4BC5-9D0F-2F2A7FCF855A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-321065253-2983475057-385218367-1001Core => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-16] (Google Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AE429383-A740-4E5C-935D-E2CD6461C91E} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {B39DBDFB-1EAD-4EFE-AA37-CE4AB1C8040A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {B9161639-ADFD-468C-B8E0-BD7EEF93E05E} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {BF14D6B0-BABB-4906-A587-428D6CAF1DFA} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2013-11-27] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E741E696-10DE-4E00-AE48-BE1BA2EAC878} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-02] (AVAST Software)
Task: {E7542AA1-764B-40BA-A474-ED0F6F1B336B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {EECC701D-3EF4-45FB-8247-FA02E1F2EB5B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-321065253-2983475057-385218367-1001UA => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-16] (Google Inc.)
Task: {F779317A-009E-493E-BAB0-C41CCB14C6C7} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2014-02-26] ()
Task: {F9DD0A02-10A5-4B81-A6D8-1DFAB2A6920C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-17] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-321065253-2983475057-385218367-1001Core.job => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-321065253-2983475057-385218367-1001UA.job => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-08-30 09:28 - 2012-07-30 12:26 - 00029056 _____ () C:\WINDOWS\system32\DptfParticipantProcessorService.exe
2012-08-30 09:28 - 2012-07-30 12:27 - 00030592 _____ () C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
2013-12-04 13:50 - 2013-12-04 13:50 - 00263168 _____ () C:\Program Files (x86)\NoteBook FanControl\OpenHardwareMonitorLib.dll
2014-02-12 11:39 - 2013-08-23 14:45 - 00386216 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2014-02-12 11:39 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2014-02-12 11:39 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-09-30 15:07 - 2005-04-22 05:36 - 00143360 ____N () C:\WINDOWS\system32\BrSNMP64.dll
2013-05-05 15:26 - 2013-05-05 15:26 - 00597144 _____ () C:\Program Files\TortoiseGit\bin\libgit2.dll
2013-05-05 15:26 - 2013-05-05 15:26 - 00087704 _____ () C:\Program Files\TortoiseGit\bin\zlib1.dll
2013-11-24 13:37 - 2013-11-24 13:37 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2013-11-24 13:36 - 2013-11-24 13:36 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-06-03 09:05 - 2011-10-26 16:41 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-06-03 09:05 - 2011-10-26 16:41 - 00126464 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2012-08-24 17:26 - 2012-08-24 17:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-10-01 12:02 - 2013-10-01 12:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-20 19:08 - 2012-07-20 19:08 - 08186368 _____ () d:\xampp\mysql\bin\mysqld.exe
2014-02-20 16:35 - 2014-02-20 12:34 - 02181120 _____ () C:\Program Files\AVAST Software\Avast\defs\14022000\algo.dll
2014-02-25 18:47 - 2014-02-25 17:19 - 02182144 _____ () C:\Program Files\AVAST Software\Avast\defs\14022501\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-18 12:46 - 2013-10-18 12:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2012-11-05 18:14 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-05-05 15:18 - 2013-05-05 15:18 - 00451736 _____ () C:\Program Files\TortoiseGit\bin\libgit232.dll
2013-05-05 15:18 - 2013-05-05 15:18 - 00077464 _____ () C:\Program Files\TortoiseGit\bin\zlib132.dll
2013-11-24 12:48 - 2013-11-24 12:48 - 00065264 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2013-11-24 12:48 - 2013-11-24 12:48 - 00071408 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2013-10-16 23:16 - 2013-10-16 23:16 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Mike\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-09-08 12:16 - 2012-09-08 12:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2013-11-18 21:54 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-02-20 08:00 - 2014-02-20 08:00 - 03623536 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-07-18 22:07 - 2011-07-18 22:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2011-09-21 21:46 - 2011-09-21 21:46 - 01673728 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2012-04-04 17:47 - 2012-04-04 17:47 - 00108032 _____ () d:\xampp\apache\bin\pcre.dll
2012-09-17 11:05 - 2012-09-17 11:05 - 00025088 _____ () D:\xampp\php\php5apache2_4.dll
2012-04-04 17:47 - 2012-04-04 17:47 - 00108032 _____ () D:\xampp\apache\bin\pcre.dll
2014-02-05 12:17 - 2014-02-05 12:17 - 03019376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-02-05 12:17 - 2014-02-05 12:17 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-02-05 12:17 - 2014-02-05 12:17 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-10-20 11:20 - 2012-11-21 06:26 - 00008704 _____ () C:\Users\Mike\AppData\Roaming\Thunderbird\Profiles\g63njowo.default\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll
2014-02-21 08:47 - 2014-02-20 02:02 - 00051016 _____ () C:\Users\Mike\AppData\Local\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-02-21 08:47 - 2014-02-20 02:02 - 00716616 _____ () C:\Users\Mike\AppData\Local\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-21 08:47 - 2014-02-20 02:02 - 00100168 _____ () C:\Users\Mike\AppData\Local\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-21 08:47 - 2014-02-20 02:03 - 04060488 _____ () C:\Users\Mike\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-21 08:47 - 2014-02-20 02:03 - 00394568 _____ () C:\Users\Mike\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-21 08:47 - 2014-02-20 02:02 - 01647432 _____ () C:\Users\Mike\AppData\Local\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/26/2014 00:25:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 47469

Error: (02/26/2014 00:25:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 47469

Error: (02/26/2014 00:25:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/26/2014 00:25:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46453

Error: (02/26/2014 00:25:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46453

Error: (02/26/2014 00:25:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/26/2014 00:25:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 45438

Error: (02/26/2014 00:25:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 45438

Error: (02/26/2014 00:25:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/26/2014 00:25:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 44422


System errors:
=============
Error: (02/25/2014 09:05:19 AM) (Source: DCOM) (User: Mike-Ultrabook)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/25/2014 09:04:49 AM) (Source: DCOM) (User: Mike-Ultrabook)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/24/2014 07:16:51 AM) (Source: DCOM) (User: Mike-Ultrabook)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/24/2014 07:16:21 AM) (Source: DCOM) (User: Mike-Ultrabook)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/23/2014 07:52:35 AM) (Source: DCOM) (User: Mike-Ultrabook)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/23/2014 07:52:05 AM) (Source: DCOM) (User: Mike-Ultrabook)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/22/2014 07:35:12 AM) (Source: DCOM) (User: Mike-Ultrabook)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/22/2014 07:34:42 AM) (Source: DCOM) (User: Mike-Ultrabook)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/21/2014 03:56:54 PM) (Source: DCOM) (User: Mike-Ultrabook)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/21/2014 03:56:24 PM) (Source: DCOM) (User: Mike-Ultrabook)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 80%
Total physical RAM: 3981.92 MB
Available physical RAM: 766.84 MB
Total Pagefile: 8552.63 MB
Available Pagefile: 3264.36 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:102.2 GB) (Free:10.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:110.92 GB) (Free:57.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238 GB) (Disk ID: 8AA9D41E)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 27.02.2014, 09:23   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1: Vermute Trojaner Infektion - Standard

Windows 8.1: Vermute Trojaner Infektion



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 8.1: Vermute Trojaner Infektion
100%, andere, archiv, avast, bluescreen, dateien, ergebnisse, error, folge, folgende, geblockt, gleichzeitig, gmer, google, infektion, leute, malwarebytes, neuinstallieren, nicht mehr, schädling, sichere, spybot, tan, trojaner, windows



Ähnliche Themen: Windows 8.1: Vermute Trojaner Infektion


  1. Windows 7 - Evtl. Highjacking/ Trojaner-Infektion nach unvorsichtigem Download
    Log-Analyse und Auswertung - 20.04.2015 (16)
  2. windows 7 cpu Auslastung sehr hoch vermute Virus
    Plagegeister aller Art und deren Bekämpfung - 09.01.2015 (23)
  3. Windows 7 Trojaner infektion nach Plugin installation
    Log-Analyse und Auswertung - 15.04.2014 (15)
  4. vermute keylogger / trojaner
    Log-Analyse und Auswertung - 25.09.2012 (11)
  5. Trojaner-Infektion auf Windows Vista (Exploit.Drop, Trojan.Ransom.Gen...)
    Log-Analyse und Auswertung - 30.08.2012 (3)
  6. GVU Trojaner Infektion Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 22.08.2012 (14)
  7. Datenentschlüsselung nach Infektion mit Windows-Verschlüsselungs-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 16.06.2012 (2)
  8. Windows XP Trojaner infektion
    Log-Analyse und Auswertung - 22.05.2012 (16)
  9. svchost.exe hat 100% Auslastung - vermute Trojaner
    Log-Analyse und Auswertung - 26.07.2011 (30)
  10. Vermute Trojaner
    Log-Analyse und Auswertung - 01.11.2009 (10)
  11. vermute Trojaner der schritte abarbeitet Hilfe
    Plagegeister aller Art und deren Bekämpfung - 22.08.2009 (2)
  12. Vermute Trojaner
    Plagegeister aller Art und deren Bekämpfung - 15.07.2009 (1)
  13. Vermute Infektion
    Log-Analyse und Auswertung - 11.03.2009 (3)
  14. vermute trojaner o.ä. - beim start von windows wird cmd automatisch ausgeführt
    Mülltonne - 12.11.2008 (0)
  15. Pop-ups mit Virenwarnung, HJT-Starten unterbinden - vermute Trojaner
    Log-Analyse und Auswertung - 27.02.2008 (34)
  16. Vermute ein guter Trojaner hat mich erwicht !!!
    Log-Analyse und Auswertung - 23.03.2007 (3)
  17. Vermute Trojaner im Hintergrund
    Log-Analyse und Auswertung - 29.09.2004 (2)

Zum Thema Windows 8.1: Vermute Trojaner Infektion - Hallo liebe Leute, nachdem gestern gleichzeitig in drei unabhängigen Google Mailaccounts zugegriffen wurde (und Google das geblockt hat, weil es verdächtig vorkam), gehe ich davon aus, dass ich am PC - Windows 8.1: Vermute Trojaner Infektion...
Archiv
Du betrachtest: Windows 8.1: Vermute Trojaner Infektion auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.