Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Verdacht: Trojaner auf externer Festplatte

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.03.2014, 15:05   #1
TimoH
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Hallo,

ich habe den Verdacht, dass meine externe Festplatte mit Viren überflutet ist. Die Ordner sind teilweise nicht mehr zu finden, teilweise nur noch als Verlinkungen angezeigt. Wenn ich die Verlinkten Ordner öffne, kommt als Ursprung RECYCLER. Die Größe des Ordners wird als 0 angegeben. Eine Überprüfung mit Avira führt zu keinem Fund von Viren...kann ich irgendwie meine Dateien (vor allem Fotos) retten?


Gruß,
Timo

Alt 28.03.2014, 15:09   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 31.03.2014, 13:43   #3
TimoH
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Hallo,

eset hatte etwas gefunden:

Code:
ATTFilter
C:\$RECYCLE.BIN\S-1-5-21-1633329562-3823532150-3526982155-1000\$R8PAYF0\qdos\CHKDSK.COM	probably unknown COM virus
C:\$RECYCLE.BIN\S-1-5-21-1633329562-3823532150-3526982155-1000\$RHIUJ8Q\qdos\CHKDSK.COM	probably unknown COM virus
F:\lang.lnk	LNK/Agent.V trojan
F:\privates.lnk	LNK/Agent.V trojan
F:\Studium.lnk	LNK/Agent.V trojan
F:\Studium\4.Semester\EDV\Rechnerarchitektur\Emulator\qdos\CHKDSK.COM	probably unknown COM virus
         
Malwarebytes hatte leider nichts gefunden, ebenso wenig Avira Antivirus. Die logs von FRST kommen gleich. Bei F:\ handelt es sich um die ext. Festplatte
__________________

Alt 31.03.2014, 14:16   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Zitat:
Malwarebytes hatte leider nichts gefunden
Du bist also enttäuscht darüber, dass keine Schädlinge auf dem Rechner sind?
Das verstehe wer will
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.04.2014, 13:24   #5
TimoH
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Naja, ich weiß ja das Viren auf der externen Festplatte drauf sind...nur die Frage ist, was macht man mit Trojanern auf der Festplatte, die Ordner (z.b. von Fotos) verstecken?


Alt 04.04.2014, 15:34   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Ich hab dir schon längst Anweisungen gegeben. Wenn du die nicht umsetzt kann dir nicht geholfen werden.
__________________
--> Verdacht: Trojaner auf externer Festplatte

Alt 04.04.2014, 16:14   #7
TimoH
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Oh verzeihe mir.
FRST.txt

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Timmi (administrator) on TIMMIS-PC on 31-03-2014 11:45:58
Running from C:\Users\Timmi\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8adfd0a8\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Hewlett-Packard Corporation) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vfsFPService.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8adfd0a8\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
( ) C:\Windows\system32\lxeacoms.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
() C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
() C:\Windows\SMINST\BLService.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\x64\DPAgent.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Spotify Ltd) C:\Users\Timmi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CyberLink Corp.) C:\Program Files (x86)\HP\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1220392 2008-01-18] (Synaptics, Inc.)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [OnScreenDisplay] - C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [685568 2008-01-23] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [443904 2008-06-27] (IDT, Inc.)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [15844384 2008-05-14] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [82464 2008-05-14] (NVIDIA Corporation)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM-x32\...\Run: [DpAgent] - C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [699456 2008-03-12] (DigitalPersona, Inc.)
HKLM-x32\...\Run: [QPService] - C:\Program Files (x86)\HP\QuickPlay\QPService.exe [468264 2008-06-25] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-03-14] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpWirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Health Check Scheduler] - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-16] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2011-06-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3524536 2012-07-02] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [173136 2014-03-25] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1633329562-3823532150-3526982155-1000\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1633329562-3823532150-3526982155-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1633329562-3823532150-3526982155-1000\...\Run: [Spotify Web Helper] - C:\Users\Timmi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-03-20] (Spotify Ltd)
Lsa: [Notification Packages] scecli DPPWDFLT

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=109986&babsrc=HP_ss&mntrId=6780fc000000000000000016eadf339c
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms}
SearchScopes: HKLM - {67155C91-2696-4DBB-BC56-0EDA1AA38304} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms}
SearchScopes: HKLM - {DDF02204-49F2-4F36-869F-00E875485BD5} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - {67155C91-2696-4DBB-BC56-0EDA1AA38304} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms}
SearchScopes: HKLM-x32 - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1
SearchScopes: HKLM-x32 - {DDF02204-49F2-4F36-869F-00E875485BD5} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKCU - DefaultScope {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109986&babsrc=SP_ss&mntrId=6780fc000000000000000016eadf339c
SearchScopes: HKCU - {67155C91-2696-4DBB-BC56-0EDA1AA38304} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&q={searchTerms}
SearchScopes: HKCU - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1
SearchScopes: HKCU - {DDF02204-49F2-4F36-869F-00E875485BD5} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\30w72673.default
FF user.js: detected! => C:\Users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\30w72673.default\user.js
FF DefaultSearchEngine: Search the web (Babylon)
FF SearchEngineOrder.1: Search the web (Babylon)
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://search.babylon.com/?affID=109986&babsrc=KW_ss&mntrId=6780fc000000000000000016eadf339c&q=
FF NetworkProxy: "http", "http-proxy.fu-berlin.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\Timmi\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\30w72673.default\searchplugins\ask.xml
FF SearchPlugin: C:\Users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\30w72673.default\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo! Toolbar - C:\Users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\30w72673.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(104) [2011-08-02]
FF Extension: Zynga  - C:\Users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\30w72673.default\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} [2014-03-01]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\30w72673.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2013-06-04]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\30w72673.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: Greasemonkey - C:\Users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\30w72673.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-06-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-06-30]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKCU\...\Firefox\Extensions: [{5F645394-1230-484A-A471-BF5FACA207EF}] - C:\Users\Timmi\AppData\Local\{5F645394-1230-484A-A471-BF5FACA207EF}
FF Extension: XULRunner - C:\Users\Timmi\AppData\Local\{5F645394-1230-484A-A471-BF5FACA207EF} [2011-06-06]

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8adfd0a8\AESTSr64.exe [89088 2008-06-27] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [121424 2014-03-25] (Avira Operations GmbH & Co. KG)
S2 ERDAS2; C:\Program Files (x86)\Leica Geosystems\Shared\Bin\NTx86\lmgrd.exe [630272 2006-07-07] (Macrovision Corporation)
S2 FLEXlm Service 1; C:\Program Files (x86)\Leica Geosystems\Shared\Bin\NTx86\lmgrd.exe [630272 2006-07-07] (Macrovision Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-01-07] ( )
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 QPCapSvc; C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292216 2008-06-25] ()
R2 QPSched; C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe [116080 2008-06-25] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [361808 2008-04-26] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8adfd0a8\STacSV64.exe [246784 2008-06-27] (IDT, Inc.)
R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [717104 2008-04-27] (Validity Sensors, Inc.)
R2 vfsFPService; C:\Windows\SysWOW64\vfsFPService.exe [599344 2008-04-27] (Validity Sensors, Inc.)
S2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" [X]
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]

==================== Drivers (Whitelisted) ====================

R3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [306560 2008-06-10] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 NVENETFD; C:\Windows\System32\DRIVERS\nvm60x64.sys [742696 2006-10-10] (NVIDIA Corporation)
R2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2002-10-08] ()
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [203320 2012-06-04] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 vfs101a; C:\Windows\System32\drivers\vfs101a.sys [49968 2008-04-27] (Validity Sensors, Inc.)
R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263}; C:\Program Files (x86)\HP\QuickPlay\000.fcl [27632 2008-06-25] (Cyberlink Corp.)
S2 DS1410D; SYSTEM32\drivers\DS1410D.SYS [X]
U1 eabfiltr; 
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S2 Sentinel; \SystemRoot\System32\Drivers\SENTINEL.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-31 11:45 - 2014-03-31 11:46 - 00024607 _____ () C:\Users\Timmi\Downloads\FRST.txt
2014-03-31 11:45 - 2014-03-31 11:45 - 02157056 _____ (Farbar) C:\Users\Timmi\Downloads\FRST64.exe
2014-03-31 11:45 - 2014-03-31 11:45 - 00000000 ____D () C:\FRST
2014-03-31 11:25 - 2014-03-31 11:25 - 00001046 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-03-31 01:25 - 2014-03-31 01:25 - 00000000 ____D () C:\Users\Timmi\Documents\Bluetooth-Exchange-Ordner
2014-03-31 01:01 - 2014-03-31 01:04 - 00000000 ____D () C:\Windows\SysWOW64\vi-VN
2014-03-31 01:01 - 2014-03-31 01:04 - 00000000 ____D () C:\Windows\SysWOW64\eu-ES
2014-03-31 01:01 - 2014-03-31 01:04 - 00000000 ____D () C:\Windows\SysWOW64\ca-ES
2014-03-31 01:01 - 2014-03-31 01:03 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-03-31 01:01 - 2014-03-31 01:02 - 00000000 ____D () C:\Windows\system32\vi-VN
2014-03-31 01:01 - 2014-03-31 01:02 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-03-30 19:28 - 2014-03-30 19:28 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-03-29 11:57 - 2014-03-30 18:21 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-29 11:56 - 2014-03-29 11:56 - 00000943 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-29 11:56 - 2014-03-29 11:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 11:56 - 2014-03-29 11:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-29 11:56 - 2014-03-05 10:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-29 11:56 - 2014-03-05 10:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-29 11:56 - 2014-03-05 10:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-29 11:44 - 2014-03-29 11:44 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Timmi\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 00:35 - 2014-03-27 00:36 - 00000000 ____D () C:\Users\Timmi\Desktop\Judo WEttkampflizenz
2014-03-26 12:39 - 2014-03-26 12:49 - 00000000 ____D () C:\Users\Timmi\Desktop\Camino de la Muerte
2014-03-24 11:33 - 2014-03-24 11:33 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\Avira
2014-03-24 11:25 - 2014-02-25 12:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-03-24 11:25 - 2014-02-25 12:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-03-24 11:25 - 2014-02-25 12:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-03-24 11:18 - 2014-03-31 11:26 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-24 11:18 - 2014-03-31 11:25 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-24 11:18 - 2014-03-24 11:25 - 00000000 ____D () C:\ProgramData\Avira
2014-03-24 11:17 - 2014-03-24 11:17 - 04051104 _____ (Avira Operations GmbH & Co. KG) C:\Users\Timmi\Downloads\avira_de_av___ws(1).exe
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGTDIA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGRKX64.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGLOGA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGIDSHA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGIDSDRIVERA.SYS
2014-03-24 01:50 - 2014-03-24 01:50 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\TuneUp Software
2014-03-24 01:48 - 2014-03-24 02:08 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-24 01:30 - 2014-03-24 11:00 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-24 01:30 - 2014-03-24 01:30 - 00000000 ____D () C:\Users\Timmi\AppData\Local\MFAData
2014-03-24 01:29 - 2014-03-24 01:29 - 04462384 _____ (AVG Technologies) C:\Users\Timmi\Downloads\avg_free_stb_all_2014_4335_cnet.exe
2014-03-24 00:21 - 2014-03-24 00:21 - 00000000 ____D () C:\Users\Timmi\Desktop\Fotos Chile antofa
2014-03-19 17:31 - 2014-03-19 17:31 - 00000000 ____D () C:\Users\Timmi\AppData\Local\Skype
2014-03-16 23:27 - 2014-03-16 23:27 - 00000450 _____ () C:\Users\Timmi\Desktop\eset.txt
2014-03-16 21:39 - 2014-03-17 09:21 - 04051048 _____ (Avira Operations GmbH & Co. KG) C:\Users\Timmi\Downloads\avira_de_av___ws.exe
2014-03-16 20:08 - 2014-03-16 20:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-16 20:07 - 2014-03-16 20:07 - 02347384 _____ (ESET) C:\Users\Timmi\Downloads\esetsmartinstaller_enu.exe
2014-03-01 15:27 - 2014-03-19 04:07 - 00000000 ____D () C:\Windows\system32\MRT

==================== One Month Modified Files and Folders =======

2014-03-31 11:46 - 2014-03-31 11:45 - 00024607 _____ () C:\Users\Timmi\Downloads\FRST.txt
2014-03-31 11:45 - 2014-03-31 11:45 - 02157056 _____ (Farbar) C:\Users\Timmi\Downloads\FRST64.exe
2014-03-31 11:45 - 2014-03-31 11:45 - 00000000 ____D () C:\FRST
2014-03-31 11:32 - 2008-09-19 14:44 - 01728870 _____ () C:\Windows\WindowsUpdate.log
2014-03-31 11:27 - 2006-11-02 17:27 - 00205400 _____ () C:\Windows\setupact.log
2014-03-31 11:26 - 2014-03-24 11:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-31 11:26 - 2008-07-31 18:17 - 00628742 _____ () C:\Windows\system32\perfh007.dat
2014-03-31 11:26 - 2008-07-31 18:17 - 00126454 _____ () C:\Windows\system32\perfc007.dat
2014-03-31 11:26 - 2008-07-31 10:37 - 00003574 _____ () C:\Windows\System32\Tasks\HP Health Check
2014-03-31 11:26 - 2006-11-02 14:46 - 01445310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-31 11:25 - 2014-03-31 11:25 - 00001046 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-03-31 11:25 - 2014-03-24 11:18 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-31 11:21 - 2012-12-27 16:45 - 00000000 ____D () C:\Users\Timmi\AppData\Local\LogMeIn Hamachi
2014-03-31 11:21 - 2008-09-19 15:33 - 00192525 _____ () C:\ProgramData\nvModes.001
2014-03-31 11:20 - 2013-06-04 16:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-31 11:20 - 2011-01-31 23:48 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-31 11:19 - 2012-05-15 14:08 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-31 11:19 - 2008-09-19 15:33 - 00192525 _____ () C:\ProgramData\nvModes.dat
2014-03-31 11:19 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-31 11:19 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-31 11:19 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-31 09:42 - 2008-07-31 08:37 - 00005332 _____ () C:\Windows\bthservsdp.dat
2014-03-31 09:42 - 2006-11-02 17:42 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-31 09:31 - 2008-01-21 05:26 - 00226816 _____ () C:\Windows\PFRO.log
2014-03-31 01:53 - 2012-05-15 14:08 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-31 01:35 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache
2014-03-31 01:25 - 2014-03-31 01:25 - 00000000 ____D () C:\Users\Timmi\Documents\Bluetooth-Exchange-Ordner
2014-03-31 01:23 - 2008-11-02 16:37 - 00000981 _____ () C:\Users\Timmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-31 01:23 - 2008-11-02 16:37 - 00000951 _____ () C:\Users\Timmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-31 01:23 - 2008-11-02 16:36 - 00000917 _____ () C:\Users\Timmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-03-31 01:14 - 2006-11-02 17:21 - 02563968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-31 01:06 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-03-31 01:06 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2014-03-31 01:06 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-31 01:06 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Collaboration
2014-03-31 01:06 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Movie Maker
2014-03-31 01:05 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-31 01:05 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-03-31 01:05 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Gallery
2014-03-31 01:05 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files (x86)\Windows Calendar
2014-03-31 01:05 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\servicing
2014-03-31 01:04 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\SysWOW64\vi-VN
2014-03-31 01:04 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\SysWOW64\eu-ES
2014-03-31 01:04 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\SysWOW64\ca-ES
2014-03-31 01:04 - 2006-11-02 17:07 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\SLUI
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-03-31 01:03 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-03-31 01:03 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-03-31 01:03 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\oobe
2014-03-31 01:03 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-03-31 01:03 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-03-31 01:03 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\et-EE
2014-03-31 01:03 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\IME
2014-03-31 01:02 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\system32\vi-VN
2014-03-31 01:02 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\th-TH
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\SLUI
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\setup
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\migwiz
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\he-IL
2014-03-31 01:02 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-03-31 01:02 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-03-31 01:02 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-03-31 00:49 - 2008-09-19 15:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-30 21:45 - 2009-07-24 19:51 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\vlc
2014-03-30 20:56 - 2008-11-02 21:14 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-30 20:48 - 2012-05-15 14:08 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 20:48 - 2012-05-15 14:08 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-30 20:02 - 2012-08-15 21:20 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\Spotify
2014-03-30 19:28 - 2014-03-30 19:28 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-03-30 18:49 - 2012-04-17 19:50 - 00000000 ____D () C:\Users\Timmi\Documents\altes_zeug
2014-03-30 18:48 - 2008-11-02 16:48 - 00000000 ____D () C:\Users\Timmi\Documents\Meine empfangenen Dateien
2014-03-30 18:39 - 2013-03-13 14:36 - 00000000 ___RD () C:\Users\Timmi\Desktop\Bachelorarbeit
2014-03-30 18:36 - 2013-06-01 10:23 - 00000000 ____D () C:\Users\Timmi\Desktop\chile_tutor
2014-03-30 18:36 - 2013-01-15 23:41 - 00000000 ____D () C:\Users\Timmi\Desktop\JUDO_TRAINER
2014-03-30 18:36 - 2010-11-15 22:41 - 00000000 ___RD () C:\Users\Timmi\Desktop\Studium
2014-03-30 18:33 - 2013-07-29 23:19 - 00000000 ____D () C:\Users\Timmi\Desktop\fotos vom Handy
2014-03-30 18:21 - 2014-03-29 11:57 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 15:20 - 2008-11-02 16:41 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{72785C6B-DFB4-4CEF-8E61-9ADABE3F6802}
2014-03-30 15:20 - 2008-11-02 16:41 - 00000418 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{72785C6B-DFB4-4CEF-8E61-9ADABE3F6802}.job
2014-03-29 12:24 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\Globalization
2014-03-29 12:22 - 2008-11-02 21:46 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-03-29 12:15 - 2012-01-08 03:06 - 00000000 ____D () C:\Users\Timmi\Desktop\z
2014-03-29 11:56 - 2014-03-29 11:56 - 00000943 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-29 11:56 - 2014-03-29 11:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 11:56 - 2014-03-29 11:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-29 11:44 - 2014-03-29 11:44 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Timmi\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 00:36 - 2014-03-27 00:35 - 00000000 ____D () C:\Users\Timmi\Desktop\Judo WEttkampflizenz
2014-03-26 12:51 - 2012-11-04 19:55 - 00000000 ____D () C:\Users\Timmi\Desktop\Foto für Leinwand
2014-03-26 12:49 - 2014-03-26 12:39 - 00000000 ____D () C:\Users\Timmi\Desktop\Camino de la Muerte
2014-03-26 01:34 - 2012-03-04 01:59 - 00000000 ____D () C:\Program Files\models
2014-03-26 00:36 - 2012-03-04 01:59 - 00000000 ____D () C:\Program Files\savegame
2014-03-26 00:36 - 2012-03-04 01:59 - 00000000 ____D () C:\Program Files\data
2014-03-25 21:43 - 2008-11-02 17:30 - 00000021 _____ () C:\ProgramData\hpqp.txt
2014-03-25 18:20 - 2012-08-15 21:21 - 00000000 ____D () C:\Users\Timmi\AppData\Local\Spotify
2014-03-24 11:33 - 2014-03-24 11:33 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\Avira
2014-03-24 11:25 - 2014-03-24 11:18 - 00000000 ____D () C:\ProgramData\Avira
2014-03-24 11:17 - 2014-03-24 11:17 - 04051104 _____ (Avira Operations GmbH & Co. KG) C:\Users\Timmi\Downloads\avira_de_av___ws(1).exe
2014-03-24 11:00 - 2014-03-24 01:30 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-24 02:08 - 2014-03-24 01:48 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGTDIA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGRKX64.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGLOGA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGIDSHA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGIDSDRIVERA.SYS
2014-03-24 01:50 - 2014-03-24 01:50 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\TuneUp Software
2014-03-24 01:30 - 2014-03-24 01:30 - 00000000 ____D () C:\Users\Timmi\AppData\Local\MFAData
2014-03-24 01:29 - 2014-03-24 01:29 - 04462384 _____ (AVG Technologies) C:\Users\Timmi\Downloads\avg_free_stb_all_2014_4335_cnet.exe
2014-03-24 00:21 - 2014-03-24 00:21 - 00000000 ____D () C:\Users\Timmi\Desktop\Fotos Chile antofa
2014-03-23 14:57 - 2009-08-03 15:37 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\dvdcss
2014-03-20 16:50 - 2008-11-02 17:57 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\Skype
2014-03-20 13:21 - 2008-12-09 08:03 - 00007592 _____ () C:\Users\Timmi\AppData\Local\d3d9caps.dat
2014-03-19 17:31 - 2014-03-19 17:31 - 00000000 ____D () C:\Users\Timmi\AppData\Local\Skype
2014-03-19 17:30 - 2012-04-11 17:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-19 17:30 - 2008-11-02 17:20 - 00000000 ____D () C:\ProgramData\Skype
2014-03-19 04:07 - 2014-03-01 15:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 04:01 - 2006-11-02 14:35 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-17 09:21 - 2014-03-16 21:39 - 04051048 _____ (Avira Operations GmbH & Co. KG) C:\Users\Timmi\Downloads\avira_de_av___ws.exe
2014-03-16 23:27 - 2014-03-16 23:27 - 00000450 _____ () C:\Users\Timmi\Desktop\eset.txt
2014-03-16 20:08 - 2014-03-16 20:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-16 20:07 - 2014-03-16 20:07 - 02347384 _____ (ESET) C:\Users\Timmi\Downloads\esetsmartinstaller_enu.exe
2014-03-12 16:24 - 2013-06-04 16:47 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 16:24 - 2013-06-04 16:47 - 00003738 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 16:24 - 2011-12-04 22:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-05 10:26 - 2014-03-29 11:56 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 10:26 - 2014-03-29 11:56 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 10:26 - 2014-03-29 11:56 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-04 17:20 - 2009-01-02 15:01 - 00000000 ____D () C:\Users\Timmi\Desktop\Kommunikation
2014-03-04 17:20 - 2008-11-02 16:37 - 00000000 ___RD () C:\Users\Timmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Files to move or delete:
====================
C:\ProgramData\DVD.exe
C:\ProgramData\ezsid.dat
C:\ProgramData\Games.exe
C:\ProgramData\Karaoke.exe
C:\ProgramData\MobileTV.exe
C:\ProgramData\MPV.exe


Some content of TEMP:
====================
C:\Users\Timmi\AppData\Local\Temp\AutoRun.exe
C:\Users\Timmi\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Timmi\AppData\Local\Temp\avgnt.exe
C:\Users\Timmi\AppData\Local\Temp\contentDATs.exe
C:\Users\Timmi\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Timmi\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Timmi\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Timmi\AppData\Local\Temp\SIntf16.dll
C:\Users\Timmi\AppData\Local\Temp\SIntf32.dll
C:\Users\Timmi\AppData\Local\Temp\SIntfNT.dll
C:\Users\Timmi\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Timmi\AppData\Local\Temp\vmpremov.exe
C:\Users\Timmi\AppData\Local\Temp\{52276111-16C2-46BF-8E9F-AE532B63FBE4}-GoogleEarth-Win-Bundle-7.1.2.2041.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-31 11:26

==================== End Of Log ============================
         
--- --- ---

--- --- ---



und Addition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Timmi at 2014-03-31 11:47:20
Running from C:\Users\Timmi\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version:  - )
Apple Application Support (HKLM-x32\...\{B3575D00-27EF-49C2-B9E0-14B3D954E992}) (Version: 1.5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
AVerMedia A309 (MiniCard, DVB-T) 1.0.64.45 (HKLM-x32\...\AVerMedia A309 (MiniCard, DVB-T)) (Version: 1.0.64.45 - AVerMedia TECHNOLOGIES, Inc.)
Avira (HKLM-x32\...\{628220ce-1d5b-48fe-8fc8-73b111141180}) (Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bonjour (HKLM\...\{0E543634-7E25-4B8F-8D5B-97880E5E5088}) (Version: 2.0.5.0 - Apple Inc.)
Bonnprint/iText (HKLM-x32\...\BPiText) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{761B6C00-A23A-4F17-9D23-CB7E48307314}) (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - DE (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - DE (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x32 Version: 16.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM-x32\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0.0.486 - Corel Corporation)
CyberLink DVD Suite (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1519 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.1616 - CyberLink Corp.) Hidden
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
Die Völker 2 Gold Edition (HKLM-x32\...\{8C0A88AE-8388-42D5-9134-149BCD77E4F2}) (Version: 2.0.2 - JoWooD Productions Software AG)
DigitalPersona Personal 3.0.1 (HKLM\...\{20D621AE-A08D-4009-9489-73D0B7D96537}) (Version: 3.0.1 - DigitalPersona, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
ERDAS IMAGINE 8.5 (HKLM-x32\...\ERDAS IMAGINE 8.5) (Version:  - )
ERDAS IMAGINE 9.1 (HKLM-x32\...\{AC884A85-6A98-4E03-A708-431E1F1682FA}) (Version: 9.1 - Leica Geosystems Geospatial Imaging, LLC)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESU for Microsoft Vista (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Facebook Plug-In (HKCU\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Free 3GP Video Converter version 3.1 (HKLM-x32\...\Free 3GP Video Converter_is1) (Version:  - DVD Video Soft Limited.)
Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free DVD Video Burner version 1.1 (HKLM-x32\...\Free DVD Video Burner_is1) (Version:  - DVD Video Soft Limited.)
Free Studio version 4.3 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Free Video to DVD Converter version 1.1 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version:  - DVD Video Soft Limited.)
Free Video to iPod Converter version 3.1 (HKLM-x32\...\Free Video to iPod Converter_is1) (Version:  - DVD Video Soft Limited.)
Free Video to Mp3 Converter version 3.1 (HKLM-x32\...\Free Video to Mp3 Converter_is1) (Version:  - DVD Video Soft Limited.)
Free YouTube Download 2.2 (HKLM-x32\...\Free YouTube Download_is1) (Version:  - DVD Video Soft Limited.)
Free YouTube Uploader version 2.2 (HKLM-x32\...\Free YouTube Uploader_is1) (Version:  - DVD Video Soft Limited.)
FreeCommander 2009.02b (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
HP Active Support Library (x32 Version: 3.1.6.1 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (HKLM-x32\...\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Doc Viewer (HKLM-x32\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.01.0005 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM-x32\...\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Help and Support (HKLM-x32\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6204 - HP)
HP Quick Launch Buttons 6.40 D1 (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 D1 - Hewlett-Packard)
HP QuickPlay 3.7 (HKLM-x32\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - Hewlett-Packard)
HP QuickTouch 1.00 D2 (HKLM\...\{1AD2F8FE-A357-4728-BDF8-B92D794CE793}) (Version: 1.0.9 - Hewlett-Packard)
HP Total Care Advisor (HKLM-x32\...\{f32502b5-5b64-4882-bf61-77f23edcac4f}) (Version: 2.1.3359.2635 - Hewlett-Packard)
HP Update (HKLM-x32\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)
HP User Guides 0103 (HKLM-x32\...\{B8169E45-8E23-430B-91D1-EC64540C8ED0}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{340F521E-3576-4E1A-B75C-EB0ACF751379}) (Version: 3.00 J1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6017.13 - IDT)
Interaktive Sprachreise - English Kommunikationstrainer (HKLM-x32\...\KTE_15_676826) (Version:  - digital publishing AG)
iTunes (HKLM\...\{BCF07271-A853-4D3A-B668-4B752174CAA8}) (Version: 10.3.1.55 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216011FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java(TM) 6 Update 6 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160060}) (Version: 1.6.0.60 - Sun Microsystems, Inc.)
Java(TM) 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
JMicron JMB38X Flash Media Controller (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.16.01 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2719 - CyberLink Corp.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Majesty (HKLM-x32\...\{CEAF3507-FCB3-11D2-850C-00C0F01410B1}) (Version:  - )
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) (x32 Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) German (x32 Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 21.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 21.0 (x86 de)) (Version: 21.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 21.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM-x32\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM-x32\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
My HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.43 - WildTangent)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Open Freely (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66C3}_is1) (Version: 1.0 - Download Freely, LLC)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4518 - CyberLink Corp.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3919 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2719 - CyberLink Corp.)
PowerDirector (x32 Version: 6.5.2719 - CyberLink Corp.) Hidden
ProtectSmart Hard Drive Protection (HKLM\...\{191C1158-D287-4074-B749-D4CDD321E062}) (Version: 3.10.1.7 - Hewlett-Packard)
Quantum GIS Wroclaw 1.7.4 Wroclaw (HKLM-x32\...\Quantum GIS Wroclaw) (Version: 1.7.4-r67332-1 - QGIS Development Team)
QuickPlay SlingPlayer 0.4.6 (HKLM-x32\...\SlingMedia.QPSlingPlayer_is1) (Version: 0.4.6 - SlingMedia)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12064_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12064_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.4.0 - Synaptics)
TAS (HKLM-x32\...\DhtDeinstKey) (Version:  - )
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
Tropico (HKLM-x32\...\{818FB39B-1A57-4F1B-A54D-391C33D6C586}) (Version:  - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Validity Sensors software (HKLM\...\{567E8236-C414-4888-8211-3D61608D57AE}) (Version: 2.7.39 - Validity Sensors, Inc.)
Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core - German (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.0.0 (HKLM-x32\...\VLC media player) (Version: 1.0.0 - VideoLAN Team)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

30-03-2014 17:35:50 Windows Vista™ Service Pack 2

==================== Hosts content: ==========================

2006-11-02 14:34 - 2006-09-18 23:37 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {41B89B59-CFEA-4BC3-A0A4-65A2E94507C0} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
Task: {4966F2ED-6344-4806-A63E-A62B31E21079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15] (Google Inc.)
Task: {6B331582-89A1-462C-83BB-5D60FBB0AE39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15] (Google Inc.)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {C2E438EC-409D-4AC1-B2ED-47C781AEE9B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {C451ACF6-F5B0-4221-898B-A989CC0FCD45} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C9A6BB9E-7C3A-4E92-9300-8579E5CEED11} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{72785C6B-DFB4-4CEF-8E61-9ADABE3F6802}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2010-03-13 19:49 - 2009-11-04 14:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeadrpp.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00292216 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
2008-07-31 09:17 - 2008-06-25 22:36 - 00116080 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
2008-07-31 10:30 - 2008-04-26 01:15 - 00361808 _____ () C:\Windows\SMINST\BLService.exe
2008-07-31 10:22 - 2007-01-09 11:25 - 00272024 _____ () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2008-06-19 13:59 - 2008-06-19 13:59 - 00167936 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-07-31 09:16 - 2008-06-25 22:34 - 00074536 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\Common\MCEMediaStatus64.dll
2008-04-11 08:49 - 2008-04-11 08:49 - 00685360 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
2014-03-24 11:25 - 2014-02-25 12:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00259480 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00038184 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00120216 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00345384 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
2008-07-31 10:30 - 2007-11-15 01:46 - 00126976 _____ () C:\Windows\SMINST\STWmiM.dll
2009-09-04 23:15 - 2009-09-04 23:15 - 00067872 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-03-24 11:28 - 2014-03-14 13:46 - 00049744 _____ () C:\Users\Timmi\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2011-06-23 08:49 - 2013-05-12 00:26 - 03128728 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-12 16:24 - 2014-03-12 16:24 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2014-03-25 17:07 - 2014-03-25 17:07 - 00137808 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-03-25 17:07 - 2014-03-25 17:07 - 00063568 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Microsoft-6zu4-Adapter #7
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/31/2014 01:23:15 AM) (Source: ESENT) (User: )
Description: WinMail (3720) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.

Error: (03/31/2014 01:23:07 AM) (Source: ESENT) (User: )
Description: WinMail (3420) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.

Error: (03/30/2014 07:31:24 PM) (Source: MsiInstaller) (User: Timmis-PC)
Description: Produkt: iTunes -- Fehler 1730. Sie müssen über Administratorrechte verfügen, um diese Anwendung entfernen zu können. Melden Sie sich als Administrator an oder wenden Sie sich an den technischen Support, um Unterstützung zu erhalten.

Error: (03/30/2014 07:15:20 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2.manifest.

Error: (03/30/2014 07:15:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2.manifest.

Error: (03/30/2014 07:15:09 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2.manifest.

Error: (03/30/2014 07:15:05 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_15302f0af3bbd1ec.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2.manifest.

Error: (03/29/2014 11:35:50 AM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.0.6001.18164 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: de4
Anfangszeit: 01cf4b31238ce63b
Zeitpunkt der Beendigung: 25366

Error: (03/28/2014 07:02:35 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.0.6001.18164 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 9c
Anfangszeit: 01cf4aa72727666f
Zeitpunkt der Beendigung: 15

Error: (03/28/2014 07:01:09 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.0.6001.18164 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: ea4
Anfangszeit: 01cf4aa6a44ffa4f
Zeitpunkt der Beendigung: 60000


System errors:
=============
Error: (03/31/2014 11:23:26 AM) (Source: Service Control Manager) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X64

Error: (03/31/2014 11:22:55 AM) (Source: Service Control Manager) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86

Error: (03/31/2014 11:20:35 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (03/31/2014 11:20:23 AM) (Source: Service Control Manager) (User: )
Description: FLEXlm Service 1%%1053

Error: (03/31/2014 11:20:23 AM) (Source: Service Control Manager) (User: )
Description: 30000FLEXlm Service 1

Error: (03/31/2014 11:20:23 AM) (Source: Service Control Manager) (User: )
Description: ERDAS2%%1053

Error: (03/31/2014 11:20:23 AM) (Source: Service Control Manager) (User: )
Description: 30000ERDAS2

Error: (03/31/2014 11:20:23 AM) (Source: Service Control Manager) (User: )
Description: ERDAS%%1053

Error: (03/31/2014 11:20:23 AM) (Source: Service Control Manager) (User: )
Description: 30000ERDAS

Error: (03/31/2014 11:20:23 AM) (Source: Service Control Manager) (User: )
Description: AVGIDSAgentAVGIDSDriver


Microsoft Office Sessions:
=========================
Error: (02/19/2012 07:05:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 407 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (02/06/2012 10:46:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10141 seconds with 4920 seconds of active time.  This session ended with a crash.

Error: (06/07/2011 11:46:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-03-31 11:47:07.279
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-31 11:47:07.181
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-31 11:47:07.082
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-31 11:47:06.974
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-31 11:47:06.794
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-31 11:47:06.686
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-31 11:47:06.562
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-31 11:47:06.464
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-31 11:47:06.115
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-31 11:47:06.017
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 62%
Total physical RAM: 4092.03 MB
Available physical RAM: 1529.54 MB
Total Pagefile: 8403.3 MB
Available Pagefile: 5304.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:288.17 GB) (Free:37.64 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:298.09 GB) (Free:146.13 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:9.92 GB) (Free:1.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:276.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 07D207D1)
Partition 1: (Active) - (Size=288 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: 71A60E69)
Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: CFEBFFCA)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 04.04.2014, 16:17   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Hast du noch mehr Funde gehabt oder sind das die einzigen, die du in Beitrag #3 gepostet hast?

Zitat:
CorelDRAW Graphics Suite X5
Adobe Bridge CS3
Adobe Photoshop CS3
Gewerblich genutztes System? Oder hat die Installation der Profi-Software auf diesem Rechner einen anderen Grund?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.04.2014, 17:01   #9
TimoH
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Bei einem Scan kamen glaub ich über 200 Viren auf der ext. Festplatte heraus. Das Problem ist, dass der Laptop vorm Beenden ausgegangen ist.
Corel war nur für einen Monat gratis. Keines der Programme habe ich gewerblich genutzt.

Alt 04.04.2014, 18:19   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 05.04.2014, 13:50   #11
TimoH
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Okay, habe ich gemacht:

Code:
ATTFilter
ComboFix 14-04-05.01 - Timmi 05/04/2014  13:06:54.1.2 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.4092.1866 [GMT 2:00]
ausgeführt von:: c:\users\Timmi\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Timmi\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Timmi\Documents\~WRL0005.tmp
c:\users\Timmi\Documents\~WRL3752.tmp
c:\windows\IsUn0407.exe
G:\autorun.inf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-05 bis 2014-04-05  ))))))))))))))))))))))))))))))
.
.
2014-04-05 11:20 . 2014-04-05 11:20	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-04-01 03:35 . 2014-04-01 03:35	--------	d-----w-	c:\program files\Windows Portable Devices
2014-04-01 03:35 . 2014-04-01 03:35	--------	d-----w-	c:\program files (x86)\Windows Portable Devices
2014-04-01 02:41 . 2014-04-01 02:41	--------	d-----w-	c:\windows\Migration
2014-04-01 02:20 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2014-04-01 02:20 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2014-04-01 02:20 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2014-04-01 02:20 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2014-04-01 02:20 . 2009-07-14 12:19	20480	----a-w-	c:\windows\system32\winusb.dll
2014-04-01 02:20 . 2009-07-14 12:12	16896	----a-w-	c:\windows\SysWow64\winusb.dll
2014-04-01 02:20 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2014-04-01 02:20 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2014-04-01 02:20 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2014-04-01 02:20 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2014-04-01 02:20 . 2009-07-14 00:06	40448	----a-w-	c:\windows\system32\drivers\winusb.sys
2014-04-01 02:10 . 2014-04-01 02:10	979456	----a-w-	c:\windows\SysWow64\MFH264Dec.dll
2014-04-01 02:09 . 2014-04-01 02:09	3584	----a-w-	c:\windows\system32\drivers\de-DE\dxgkrnl.sys.mui
2014-04-01 01:30 . 2009-09-10 02:05	103424	----a-w-	c:\windows\system32\UIAnimation.dll
2014-04-01 01:30 . 2009-09-10 02:00	92672	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2014-04-01 01:30 . 2009-09-10 02:06	1164800	----a-w-	c:\windows\system32\UIRibbonRes.dll
2014-04-01 01:30 . 2009-09-10 02:00	1164800	----a-w-	c:\windows\SysWow64\UIRibbonRes.dll
2014-04-01 01:30 . 2009-09-10 02:07	3815424	----a-w-	c:\windows\system32\UIRibbon.dll
2014-04-01 01:30 . 2009-09-10 02:01	3023360	----a-w-	c:\windows\SysWow64\UIRibbon.dll
2014-04-01 01:30 . 2012-02-29 15:37	5632	----a-w-	c:\windows\system32\wmi.dll
2014-04-01 01:30 . 2012-02-29 15:11	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2014-04-01 01:30 . 2012-02-29 13:52	16384	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2014-03-31 12:25 . 2012-09-25 16:31	91648	----a-w-	c:\windows\system32\synceng.dll
2014-03-31 12:25 . 2012-09-25 16:19	75776	----a-w-	c:\windows\SysWow64\synceng.dll
2014-03-31 12:25 . 2011-12-14 16:38	621056	----a-w-	c:\windows\system32\msvcrt.dll
2014-03-31 12:25 . 2011-12-14 16:17	680448	----a-w-	c:\windows\SysWow64\msvcrt.dll
2014-03-31 12:25 . 2013-03-03 19:13	1513320	----a-w-	c:\windows\system32\drivers\ntfs.sys
2014-03-31 12:23 . 2012-11-20 04:22	204288	----a-w-	c:\windows\SysWow64\ncrypt.dll
2014-03-31 12:22 . 2011-08-25 16:20	735744	----a-w-	c:\windows\system32\UIAutomationCore.dll
2014-03-31 12:22 . 2011-08-25 16:19	847360	----a-w-	c:\windows\system32\oleaut32.dll
2014-03-31 12:22 . 2011-08-25 16:19	332288	----a-w-	c:\windows\system32\oleacc.dll
2014-03-31 12:22 . 2011-08-25 16:15	555520	----a-w-	c:\windows\SysWow64\UIAutomationCore.dll
2014-03-31 12:22 . 2011-08-25 16:14	563712	----a-w-	c:\windows\SysWow64\oleaut32.dll
2014-03-31 12:22 . 2011-08-25 16:14	238080	----a-w-	c:\windows\SysWow64\oleacc.dll
2014-03-31 12:22 . 2011-08-25 13:54	4096	----a-w-	c:\windows\system32\oleaccrc.dll
2014-03-31 12:22 . 2011-08-25 13:31	4096	----a-w-	c:\windows\SysWow64\oleaccrc.dll
2014-03-31 12:22 . 2011-06-15 16:16	180736	----a-w-	c:\windows\system32\xmllite.dll
2014-03-31 12:21 . 2011-11-16 16:43	442368	----a-w-	c:\windows\system32\winhttp.dll
2014-03-31 12:21 . 2011-11-16 16:23	377344	----a-w-	c:\windows\SysWow64\winhttp.dll
2014-03-31 12:21 . 2011-10-14 17:31	211968	----a-w-	c:\windows\system32\winmm.dll
2014-03-31 12:21 . 2011-10-14 17:27	48128	----a-w-	c:\windows\system32\mcicda.dll
2014-03-31 12:21 . 2011-10-14 17:27	28672	----a-w-	c:\windows\system32\mciwave.dll
2014-03-31 12:21 . 2011-10-14 17:27	28160	----a-w-	c:\windows\system32\mciseq.dll
2014-03-31 12:21 . 2011-10-14 16:03	189952	----a-w-	c:\windows\SysWow64\winmm.dll
2014-03-31 12:21 . 2011-10-14 16:00	23552	----a-w-	c:\windows\SysWow64\mciseq.dll
2014-03-31 12:21 . 2013-07-03 04:24	107008	----a-w-	c:\windows\system32\wiafbdrv.dll
2014-03-31 12:21 . 2013-07-03 02:55	40960	----a-w-	c:\windows\system32\drivers\usbscan.sys
2014-03-31 12:21 . 2013-07-03 02:22	31616	----a-w-	c:\windows\system32\drivers\hidparse.sys
2014-03-31 12:20 . 2012-08-21 11:50	267648	----a-w-	c:\windows\system32\drivers\volsnap.sys
2014-03-31 12:20 . 2013-07-05 04:45	1423808	----a-w-	c:\windows\system32\drivers\tcpip.sys
2014-03-31 12:20 . 2011-10-14 17:30	559616	----a-w-	c:\windows\system32\EncDec.dll
2014-03-31 12:20 . 2011-10-14 16:02	429056	----a-w-	c:\windows\SysWow64\EncDec.dll
2014-03-31 12:19 . 2011-04-21 14:17	695296	----a-w-	c:\windows\system32\drivers\bthport.sys
2014-03-31 12:19 . 2009-06-17 10:37	35328	----a-w-	c:\windows\system32\drivers\BTHUSB.SYS
2014-03-31 12:19 . 2013-07-16 09:25	689152	----a-w-	c:\windows\system32\themeui.dll
2014-03-31 12:19 . 2013-07-16 04:35	615936	----a-w-	c:\windows\SysWow64\themeui.dll
2014-03-31 12:17 . 2013-07-04 04:13	633856	----a-w-	c:\windows\system32\comctl32.dll
2014-03-31 12:16 . 2011-11-18 18:07	76800	----a-w-	c:\windows\system32\packager.dll
2014-03-31 12:15 . 2011-07-29 16:08	375808	----a-w-	c:\windows\system32\psisdecd.dll
2014-03-31 12:15 . 2011-07-29 16:08	289792	----a-w-	c:\windows\system32\psisrndr.ax
2014-03-31 12:15 . 2011-07-29 16:06	100352	----a-w-	c:\windows\system32\Mpeg2Data.ax
2014-03-31 12:15 . 2011-07-29 16:01	293376	----a-w-	c:\windows\SysWow64\psisdecd.dll
2014-03-31 12:15 . 2011-07-29 16:01	217088	----a-w-	c:\windows\SysWow64\psisrndr.ax
2014-03-31 12:15 . 2011-07-29 16:00	69632	----a-w-	c:\windows\SysWow64\Mpeg2Data.ax
2014-03-31 12:15 . 2011-07-29 16:06	73216	----a-w-	c:\windows\system32\MSDvbNP.ax
2014-03-31 12:15 . 2011-07-29 16:00	57856	----a-w-	c:\windows\SysWow64\MSDvbNP.ax
2014-03-31 12:15 . 2013-05-02 04:16	686080	----a-w-	c:\windows\system32\win32spl.dll
2014-03-31 12:15 . 2013-05-02 04:04	443904	----a-w-	c:\windows\SysWow64\win32spl.dll
2014-03-31 12:15 . 2013-05-02 04:03	37376	----a-w-	c:\windows\SysWow64\printcom.dll
2014-03-31 12:15 . 2012-06-08 17:59	12899840	----a-w-	c:\windows\system32\shell32.dll
2014-03-31 12:01 . 2012-11-02 10:45	477696	----a-w-	c:\windows\system32\dpnet.dll
2014-03-31 12:01 . 2012-11-02 10:45	68096	----a-w-	c:\windows\system32\dpnathlp.dll
2014-03-31 12:01 . 2012-11-02 10:18	376320	----a-w-	c:\windows\SysWow64\dpnet.dll
2014-03-31 12:01 . 2012-11-02 08:59	26112	----a-w-	c:\windows\system32\dpnsvr.exe
2014-03-31 12:01 . 2012-11-02 08:26	23040	----a-w-	c:\windows\SysWow64\dpnsvr.exe
2014-03-31 11:46 . 2012-01-09 16:16	708096	----a-w-	c:\windows\system32\rdpencom.dll
2014-03-31 11:46 . 2012-01-09 15:54	613376	----a-w-	c:\windows\SysWow64\rdpencom.dll
2014-03-31 11:13 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2014-03-31 11:13 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2014-03-31 11:13 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2014-03-31 11:13 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2014-03-31 11:12 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2014-03-31 11:12 . 2012-06-02 22:19	35864	----a-w-	c:\windows\SysWow64\wups.dll
2014-03-31 11:12 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2014-03-31 11:12 . 2012-06-02 22:19	577048	----a-w-	c:\windows\SysWow64\wuapi.dll
2014-03-31 11:12 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2014-03-31 11:12 . 2012-06-02 22:12	88576	----a-w-	c:\windows\SysWow64\wudriver.dll
2014-03-31 11:12 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2014-03-31 11:12 . 2012-06-02 13:19	171904	----a-w-	c:\windows\SysWow64\wuwebv.dll
2014-03-31 11:12 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2014-03-31 11:12 . 2012-06-02 13:12	33792	----a-w-	c:\windows\SysWow64\wuapp.exe
2014-03-31 09:45 . 2014-03-31 09:48	--------	d-----w-	C:\FRST
2014-03-30 23:01 . 2014-03-30 23:04	--------	d-----w-	c:\windows\SysWow64\ca-ES
2014-03-30 23:01 . 2014-03-30 23:04	--------	d-----w-	c:\windows\SysWow64\eu-ES
2014-03-30 23:01 . 2014-03-30 23:04	--------	d-----w-	c:\windows\SysWow64\vi-VN
2014-03-30 23:01 . 2014-03-30 23:03	--------	d-----w-	c:\windows\system32\ca-ES
2014-03-30 23:01 . 2014-03-30 23:02	--------	d-----w-	c:\windows\system32\eu-ES
2014-03-30 23:01 . 2014-03-30 23:02	--------	d-----w-	c:\windows\system32\vi-VN
2014-03-30 17:28 . 2014-03-30 17:28	--------	d-----w-	c:\windows\system32\EventProviders
2014-03-29 09:57 . 2014-04-05 10:58	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-29 09:56 . 2014-03-05 08:26	63192	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-03-29 09:56 . 2014-03-05 08:26	88280	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-03-29 09:56 . 2014-03-05 08:26	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-03-29 09:56 . 2014-03-29 09:56	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-03-29 09:56 . 2014-03-29 09:56	--------	d-----w-	c:\programdata\Malwarebytes
2014-03-24 09:33 . 2014-03-24 09:33	--------	d-----w-	c:\users\Timmi\AppData\Roaming\Avira
2014-03-24 09:25 . 2014-02-25 10:41	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2014-03-24 09:25 . 2014-02-25 10:41	131576	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-03-24 09:25 . 2014-02-25 10:41	108440	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-03-24 09:18 . 2014-03-31 09:25	--------	d-----w-	c:\program files (x86)\Avira
2014-03-24 09:18 . 2014-03-24 09:25	--------	d-----w-	c:\programdata\Avira
2014-03-24 09:18 . 2014-03-31 09:26	--------	d-----w-	c:\programdata\Package Cache
2014-03-23 23:55 . 2014-03-23 23:55	0	----a-w-	c:\windows\SysWow64\drivers\AVGTDIA.SYS
2014-03-23 23:55 . 2014-03-23 23:55	0	----a-w-	c:\windows\SysWow64\drivers\AVGRKX64.SYS
2014-03-23 23:55 . 2014-03-23 23:55	0	----a-w-	c:\windows\SysWow64\drivers\AVGLOGA.SYS
2014-03-23 23:55 . 2014-03-23 23:55	0	----a-w-	c:\windows\SysWow64\drivers\AVGIDSHA.SYS
2014-03-23 23:55 . 2014-03-23 23:55	0	----a-w-	c:\windows\SysWow64\drivers\AVGIDSDRIVERA.SYS
2014-03-23 23:50 . 2014-03-23 23:50	--------	d-----w-	c:\users\Timmi\AppData\Roaming\TuneUp Software
2014-03-23 23:48 . 2014-03-24 00:08	--------	d-----w-	c:\programdata\AVG2014
2014-03-23 23:30 . 2014-03-23 23:30	--------	d--h--w-	c:\programdata\Common Files
2014-03-23 23:30 . 2014-03-24 09:00	--------	d-----w-	c:\programdata\MFAData
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-19 02:01 . 2006-11-02 12:35	90015360	----a-w-	c:\windows\system32\mrt.exe
2014-03-12 14:24 . 2013-06-04 14:47	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-12 14:24 . 2011-12-04 20:39	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-07 04:43 . 2014-04-04 09:34	10521840	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FA36EF8-0CA8-4B1D-9E41-C7AC1B2C6712}\mpengine.dll
2014-02-19 11:42 . 2014-03-31 12:18	146944	----a-w-	c:\windows\apppatch\AppPatch64\iebrshim.dll
2014-02-19 09:38 . 2014-03-31 12:18	53760	----a-w-	c:\windows\apppatch\iebrshim.dll
2002-10-20 19:45 . 2002-10-20 19:45	1020000	------w-	c:\program files\UNINSTAL.EXE
2002-10-20 19:45 . 2002-10-20 19:45	2121728	------w-	c:\program files\SETUPENU.DLL
2002-10-19 18:11 . 2002-10-19 18:11	749568	------w-	c:\program files\language.dll
2002-10-15 20:24 . 2002-10-15 20:24	401462	------w-	c:\program files\msvcp60.dll
2002-10-15 20:24 . 2002-10-15 20:24	290869	------w-	c:\program files\msvcrt.dll
2002-10-15 20:24 . 2002-10-15 20:24	1144320	------w-	c:\program files\msxmlger.msi
2002-10-15 20:23 . 2002-10-15 20:23	73779	------w-	c:\program files\EBUEula.dll
2002-10-15 20:23 . 2002-10-15 20:23	40960	------w-	c:\program files\drvmgt.dll
2002-10-15 20:23 . 2002-10-15 20:23	9189784	------w-	c:\program files\ar505deu.exe
2002-10-07 18:44 . 2002-10-07 18:44	7425455	------w-	c:\program files\aom.exe
2002-10-07 18:34 . 2002-10-07 18:34	315464	------w-	c:\program files\esoclientdll.dll
2002-10-07 18:34 . 2002-10-07 18:34	69694	------w-	c:\program files\esinet.dll
2002-10-07 18:21 . 2002-10-07 18:21	24576	------w-	c:\program files\wiproxy.dll
2002-10-07 18:20 . 2002-10-07 18:20	81998	------w-	c:\program files\rockalldll.dll
2002-10-07 18:20 . 2002-10-07 18:20	348160	------w-	c:\program files\mss32.dll
2002-10-07 18:20 . 2002-10-07 18:20	239224	------w-	c:\program files\unicows.dll
2002-10-07 18:20 . 2002-10-07 18:20	202240	------w-	c:\program files\zoneaccessapi.dll
2002-10-07 18:20 . 2002-10-07 18:20	131121	------w-	c:\program files\instapup.exe
2002-10-07 18:20 . 2002-10-07 18:20	488960	------w-	c:\program files\granny.dll
2002-10-07 18:20 . 2002-10-07 18:20	358963	------w-	c:\program files\binkw32.dll
2002-10-07 18:20 . 2002-10-07 18:20	186696	------w-	c:\program files\dw15.exe
2002-10-07 18:20 . 2002-10-07 18:20	18192	------w-	c:\program files\chktrust.exe
2002-10-07 18:20 . 2002-10-07 18:20	151607	------w-	c:\program files\autopatcher.exe
2002-10-02 00:42 . 2002-10-02 00:42	57344	------w-	c:\program files\movieplayer.exe
2002-05-30 22:36 . 2002-05-30 22:36	77824	------w-	c:\program files\gfxinfo.exe
2002-02-27 23:50 . 2002-02-27 23:50	197120	------w-	c:\program files\patchw32.dll
2001-10-16 21:56 . 2001-10-16 21:56	125952	------w-	c:\program files\mp3dec.asi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"Spotify Web Helper"="c:\users\Timmi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-03-20 1171968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]
"QPService"="c:\program files (x86)\HP\QuickPlay\QPService.exe" [2008-06-25 468264]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-07-02 3524536]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-02-26 3814736]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-25 689744]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-03-25 173136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-19 994856]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_8adfd0a8\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_8adfd0a8\AESTSr64.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
ezSharedSvc
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-04 14:24]
.
2014-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15 12:08]
.
2014-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15 12:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Timmi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Timmi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Timmi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54	164016	----a-w-	c:\users\Timmi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1220392]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2008-01-23 685568]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-14 15844384]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-14 82464]
"SysTrayApp"="c:\program files (x86)\IDT\WDM\sttray64.exe" [2008-06-27 443904]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.babylon.com/?affID=109986&babsrc=HP_ss&mntrId=6780fc000000000000000016eadf339c
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube to MP3 Converter - c:\users\Timmi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\b8ye3q7u.default-1396695264620\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
Toolbar-10 - (no file)
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0407.EXE
AddRemove-AVerMedia A309 (MiniCard, DVB-T) - c:\program files (x86)\AVerMedia\AVerMedia A309 (MiniCard
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{22D78859-9CE9-4B77-BF18-AC83E81A9263}]
"ImagePath"="\??\c:\program files (x86)\HP\QuickPlay\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Avira\AntiVir Desktop\sched.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\SMINST\BLService.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
c:\program files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-04-05  13:42:19 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-04-05 11:42
.
Vor Suchlauf: 20 Verzeichnis(se), 28,386,381,824 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 29,513,338,880 Bytes frei
.
- - End Of File - - CE9ECD5F9849112FB606AE6F41F10896
85D751F0E41B8E520AEE8C07A8DA777B
         

Alt 05.04.2014, 15:13   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 09.04.2014, 13:11   #13
TimoH
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



1. AdvCleaner:
Code:
ATTFilter
# AdwCleaner v3.023 - Bericht erstellt am 09/04/2014 um 12:06:03
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzername : Timmi - TIMMIS-PC
# Gestartet von : C:\Users\Timmi\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

[!] Ordner Gelöscht : C:\ProgramData\Babylon
[!] Ordner Gelöscht : C:\ProgramData\boost_interprocess
[!] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
[!] Ordner Gelöscht : C:\Users\Timmi\AppData\Local\Babylon
[!] Ordner Gelöscht : C:\Users\Timmi\AppData\Local\Ilivid Player
[!] Ordner Gelöscht : C:\Users\Timmi\AppData\Local\PackageAware
[!] Ordner Gelöscht : C:\Users\Timmi\AppData\LocalLow\BabylonToolbar
[!] Ordner Gelöscht : C:\Users\Timmi\AppData\Roaming\Babylon
[!] Ordner Gelöscht : C:\Users\Timmi\AppData\Roaming\dvdvideosoftiehelpers
[!] Ordner Gelöscht : C:\Users\Timmi\AppData\Roaming\PerformerSoft
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Components\AskSearch.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Bandoo
Schlüssel Gelöscht : HKLM\Software\Freeze.com
Schlüssel Gelöscht : HKLM\Software\Viewpoint

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16545

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\b8ye3q7u.default-1396695264620\prefs.js ]


*************************

AdwCleaner[R0].txt - [11522 octets] - [09/04/2014 12:03:27]
AdwCleaner[S0].txt - [9448 octets] - [09/04/2014 12:06:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9508 octets] ##########
         

2. JRT:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows (TM) Vista Home Premium x64
Ran by Timmi on 09/04/2014 at 12:20:34.55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{67155C91-2696-4DBB-BC56-0EDA1AA38304}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DDF02204-49F2-4F36-869F-00E875485BD5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{67155C91-2696-4DBB-BC56-0EDA1AA38304}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{DDF02204-49F2-4F36-869F-00E875485BD5}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Timmi\AppData\Roaming\mozilla\firefox\profiles\b8ye3q7u.default-1396695264620\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/04/2014 at 12:27:58.59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

3.FST:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 27 days old and could be outdated)
Ran by Timmi (administrator) on TIMMIS-PC on 09-04-2014 12:41:51
Running from C:\Users\Timmi\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8adfd0a8\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Hewlett-Packard Corporation) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vfsFPService.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8adfd0a8\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
( ) C:\Windows\system32\lxeacoms.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
() C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
() C:\Windows\SMINST\BLService.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\x64\DPAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Spotify Ltd) C:\Users\Timmi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(CyberLink Corp.) C:\Program Files (x86)\HP\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\ipmGui.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Farbar) C:\Users\Timmi\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1220392 2008-01-18] (Synaptics, Inc.)
HKLM\...\Run: [OnScreenDisplay] - C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [685568 2008-01-23] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [15844384 2008-05-14] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [82464 2008-05-14] (NVIDIA Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [443904 2008-06-27] (IDT, Inc.)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM-x32\...\Run: [DpAgent] - C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [699456 2008-03-12] (DigitalPersona, Inc.)
HKLM-x32\...\Run: [QPService] - C:\Program Files (x86)\HP\QuickPlay\QPService.exe [468264 2008-06-25] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-03-14] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpWirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Health Check Scheduler] - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-16] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2011-06-07] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3524536 2012-07-02] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [173136 2014-03-25] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1633329562-3823532150-3526982155-1000\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1633329562-3823532150-3526982155-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1633329562-3823532150-3526982155-1000\...\Run: [Spotify Web Helper] - C:\Users\Timmi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-03-20] (Spotify Ltd)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKLM - {67155C91-2696-4DBB-BC56-0EDA1AA38304} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {DDF02204-49F2-4F36-869F-00E875485BD5} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Timmi\AppData\Roaming\Mozilla\Firefox\Profiles\b8ye3q7u.default-1396695264620
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\Timmi\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-02]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKCU\...\Firefox\Extensions: [{5F645394-1230-484A-A471-BF5FACA207EF}] - C:\Users\Timmi\AppData\Local\{5F645394-1230-484A-A471-BF5FACA207EF}
FF Extension: XULRunner - C:\Users\Timmi\AppData\Local\{5F645394-1230-484A-A471-BF5FACA207EF} [2011-06-06]

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8adfd0a8\AESTSr64.exe [89088 2008-06-27] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [121424 2014-03-25] (Avira Operations GmbH & Co. KG)
S2 ERDAS2; C:\Program Files (x86)\Leica Geosystems\Shared\Bin\NTx86\lmgrd.exe [630272 2006-07-07] (Macrovision Corporation)
S2 FLEXlm Service 1; C:\Program Files (x86)\Leica Geosystems\Shared\Bin\NTx86\lmgrd.exe [630272 2006-07-07] (Macrovision Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-01-07] ( )
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 QPCapSvc; C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292216 2008-06-25] ()
R2 QPSched; C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe [116080 2008-06-25] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [361808 2008-04-26] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_8adfd0a8\STacSV64.exe [246784 2008-06-27] (IDT, Inc.)
R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [717104 2008-04-27] (Validity Sensors, Inc.)
R2 vfsFPService; C:\Windows\SysWOW64\vfsFPService.exe [599344 2008-04-27] (Validity Sensors, Inc.)
S2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" [X]
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [306560 2008-06-10] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S1 Beep; No ImagePath
S3 NVENETFD; C:\Windows\System32\DRIVERS\nvm60x64.sys [742696 2006-10-10] (NVIDIA Corporation)
R2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2002-10-08] ()
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [203320 2012-06-04] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 vfs101a; C:\Windows\System32\drivers\vfs101a.sys [49968 2008-04-27] (Validity Sensors, Inc.)
R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263}; C:\Program Files (x86)\HP\QuickPlay\000.fcl [27632 2008-06-25] (Cyberlink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DS1410D; SYSTEM32\drivers\DS1410D.SYS [X]
U1 eabfiltr; 
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S2 Sentinel; \SystemRoot\System32\Drivers\SENTINEL.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-09 12:40 - 2014-04-09 12:40 - 00104157 _____ () C:\Users\Timmi\Desktop\FRSTneeu.txt
2014-04-09 12:32 - 2014-04-09 12:32 - 02157056 _____ (Farbar) C:\Users\Timmi\Desktop\FRST64(1).exe
2014-04-09 12:30 - 2014-04-09 12:30 - 00001966 _____ () C:\Users\Timmi\Desktop\JRT1.txt
2014-04-09 12:27 - 2014-04-09 12:27 - 00001966 _____ () C:\Users\Timmi\Desktop\JRT.txt
2014-04-09 12:20 - 2014-04-09 12:20 - 00009616 _____ () C:\Users\Timmi\Desktop\AdwCleaner[S0].txt
2014-04-09 12:20 - 2014-04-09 12:20 - 00000000 ____D () C:\Windows\ERUNT
2014-04-09 12:19 - 2014-04-09 12:19 - 01016261 _____ (Thisisu) C:\Users\Timmi\Desktop\JRT.exe
2014-04-09 12:03 - 2014-04-09 12:06 - 00000000 ____D () C:\AdwCleaner
2014-04-09 12:01 - 2014-04-09 12:01 - 01426178 _____ () C:\Users\Timmi\Desktop\adwcleaner.exe
2014-04-09 09:48 - 2014-03-08 06:54 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 09:48 - 2014-03-08 06:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 09:48 - 2014-03-08 05:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 09:48 - 2014-03-08 05:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 09:48 - 2014-03-08 05:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 09:48 - 2014-03-08 05:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 09:48 - 2014-03-08 05:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 09:48 - 2014-03-08 05:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 09:48 - 2014-03-08 05:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 09:48 - 2014-03-08 05:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 09:48 - 2014-03-08 05:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 09:48 - 2014-03-08 05:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 09:48 - 2014-03-08 05:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 09:48 - 2014-03-08 05:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 09:48 - 2014-03-08 05:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 09:48 - 2014-03-08 05:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 09:48 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 09:48 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 09:48 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 09:48 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 09:48 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 09:48 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 09:48 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-09 09:48 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 09:48 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-09 09:48 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 09:48 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 09:48 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 09:48 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 09:48 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 09:48 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-09 09:48 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-08 23:38 - 2014-04-09 11:59 - 00000009 _____ () C:\Users\Timmi\Desktop\Neues Textdokument.txt
2014-04-08 19:20 - 2014-02-06 06:21 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 19:20 - 2014-02-06 03:57 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-07 15:15 - 2014-04-07 23:09 - 00124879 _____ () C:\Users\Timmi\Desktop\Kohlenstoffisotopentrends an der Devon.pptx
2014-04-05 13:42 - 2014-04-05 13:42 - 00030556 _____ () C:\ComboFix.txt
2014-04-05 13:04 - 2014-04-05 13:42 - 00000000 ____D () C:\ComboFix
2014-04-05 13:04 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-05 13:04 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-05 13:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-05 13:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-05 13:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-05 13:04 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-05 13:04 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-05 13:04 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-05 13:02 - 2014-04-05 13:42 - 00000000 ____D () C:\Qoobox
2014-04-05 13:00 - 2014-04-05 13:40 - 00000000 ____D () C:\Windows\erdnt
2014-04-05 12:57 - 2014-04-05 12:57 - 05193579 ____R (Swearware) C:\Users\Timmi\Desktop\ComboFix.exe
2014-04-05 12:57 - 2014-04-05 12:57 - 05193579 _____ (Swearware) C:\Users\Timmi\Downloads\ComboFix.exe
2014-04-05 12:54 - 2014-04-05 12:54 - 00000000 ____D () C:\Users\Timmi\Desktop\Alte Firefox-Daten
2014-04-02 13:01 - 2014-04-02 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-01 16:29 - 2014-04-08 19:11 - 00003694 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C5D567EC-3CC0-4F9B-B625-88CD4C96BBD4}
2014-04-01 12:24 - 2013-08-27 05:39 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-04-01 12:24 - 2013-08-27 05:39 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-04-01 12:24 - 2013-08-27 05:39 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-04-01 12:24 - 2013-08-27 05:39 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-04-01 12:24 - 2013-08-27 04:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-04-01 12:24 - 2013-08-27 04:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-04-01 12:24 - 2013-08-27 04:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-04-01 12:24 - 2013-08-27 04:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-04-01 12:24 - 2013-08-27 04:32 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-04-01 12:24 - 2013-08-27 04:30 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-04-01 12:24 - 2013-08-27 04:06 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-04-01 12:24 - 2013-08-27 04:00 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-04-01 12:24 - 2013-08-27 04:00 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-04-01 12:24 - 2013-08-27 03:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-04-01 12:24 - 2013-08-27 03:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-04-01 12:24 - 2013-08-27 03:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-04-01 12:24 - 2013-08-27 03:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-04-01 12:24 - 2011-03-13 00:52 - 01653760 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-04-01 12:24 - 2011-03-12 23:55 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-04-01 11:49 - 2014-04-01 11:49 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-01 05:35 - 2014-04-01 05:35 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-01 05:35 - 2014-04-01 05:35 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-01 05:33 - 2014-04-01 05:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2014-04-01 05:31 - 2014-04-01 05:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2014-04-01 05:21 - 2009-10-01 03:02 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2014-04-01 05:21 - 2009-10-01 03:02 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2014-04-01 05:21 - 2009-10-01 03:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2014-04-01 05:21 - 2009-10-01 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe
2014-04-01 05:21 - 2009-10-01 03:01 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2014-04-01 05:21 - 2009-10-01 03:01 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWMDRM.dll
2014-04-01 05:21 - 2009-10-01 03:01 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceTypes.dll
2014-04-01 05:21 - 2009-10-01 03:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
2014-04-01 05:21 - 2009-10-01 03:01 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
2014-04-01 05:21 - 2009-10-01 02:52 - 02727936 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2014-04-01 05:21 - 2009-10-01 02:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-04-01 05:21 - 2009-10-01 02:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2014-04-01 05:21 - 2009-10-01 02:51 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-04-01 05:21 - 2009-10-01 02:51 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2014-04-01 05:21 - 2009-10-01 02:51 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2014-04-01 05:21 - 2009-10-01 02:51 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2014-04-01 05:21 - 2009-10-01 02:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2014-04-01 05:21 - 2009-10-01 02:51 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2014-04-01 05:21 - 2009-10-01 02:51 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2014-04-01 05:21 - 2009-10-01 02:51 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-04-01 05:21 - 2009-10-01 02:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2014-04-01 05:21 - 2009-10-01 02:51 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2014-04-01 05:21 - 2009-10-01 02:51 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys
2014-04-01 05:21 - 2009-10-01 02:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2014-04-01 05:21 - 2009-10-01 02:51 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll
2014-04-01 04:44 - 2014-04-02 13:08 - 01541688 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-01 04:20 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-04-01 04:20 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-04-01 04:20 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-04-01 04:20 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-04-01 04:20 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-04-01 04:20 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-04-01 04:20 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-04-01 04:20 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-04-01 04:20 - 2009-07-14 14:19 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2014-04-01 04:20 - 2009-07-14 14:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winusb.dll
2014-04-01 04:20 - 2009-07-14 02:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2014-04-01 04:13 - 2014-04-01 04:13 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-01 04:13 - 2014-04-01 04:13 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-01 04:13 - 2014-04-01 04:13 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-01 04:13 - 2014-04-01 04:13 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-01 04:13 - 2014-04-01 04:13 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-01 04:13 - 2014-04-01 04:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-01 04:13 - 2014-04-01 04:13 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-01 04:10 - 2014-04-01 04:10 - 03548672 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 03068416 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01554432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01075712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01032192 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-04-01 04:10 - 2014-04-01 04:10 - 00979456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFH264Dec.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00847360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00586240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-04-01 04:10 - 2014-04-01 04:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFHEAACdec.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4src.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00258048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-04-01 04:10 - 2014-04-01 04:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-04-01 04:09 - 2014-04-01 04:09 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00792576 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2014-04-01 04:09 - 2014-04-01 04:09 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
2014-04-01 04:09 - 2014-04-01 04:09 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-04-01 04:07 - 2014-04-01 04:14 - 00004461 _____ () C:\Windows\IE9_main.log
2014-04-01 03:30 - 2012-02-29 17:37 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-04-01 03:30 - 2012-02-29 17:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-04-01 03:30 - 2012-02-29 15:52 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-04-01 03:30 - 2009-09-10 04:07 - 03815424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2014-04-01 03:30 - 2009-09-10 04:06 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2014-04-01 03:30 - 2009-09-10 04:05 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-04-01 03:30 - 2009-09-10 04:01 - 03023360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2014-04-01 03:30 - 2009-09-10 04:00 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2014-04-01 03:30 - 2009-09-10 04:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-03-31 14:26 - 2014-02-07 14:11 - 02776064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-31 14:26 - 2013-10-11 06:23 - 00781824 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-03-31 14:26 - 2013-10-11 06:23 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-31 14:26 - 2013-10-11 04:29 - 00217074 _____ () C:\Windows\system32\WFP.TMF
2014-03-31 14:26 - 2013-10-11 04:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-03-31 14:26 - 2013-10-03 17:02 - 01278976 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-31 14:26 - 2013-10-03 14:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-31 14:26 - 2013-08-02 16:06 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-31 14:26 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-03-31 14:26 - 2013-07-09 14:04 - 01585256 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-31 14:26 - 2013-07-09 14:04 - 01168088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-31 14:26 - 2013-07-08 06:51 - 04691904 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-31 14:26 - 2013-07-08 06:20 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-03-31 14:26 - 2013-07-08 06:18 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-03-31 14:26 - 2013-07-08 06:15 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-03-31 14:26 - 2013-07-08 06:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-03-31 14:26 - 2013-07-08 03:39 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-03-31 14:26 - 2013-07-08 03:39 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-03-31 14:26 - 2013-07-08 03:39 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-03-31 14:26 - 2013-06-15 15:27 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2014-03-31 14:26 - 2013-06-15 13:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-31 14:26 - 2013-03-09 06:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-31 14:26 - 2013-03-09 03:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-31 14:26 - 2012-05-01 16:29 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-03-31 14:26 - 2011-02-22 16:47 - 00479744 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-31 14:26 - 2011-02-22 16:13 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-31 14:25 - 2013-03-03 21:13 - 01513320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-31 14:25 - 2012-09-25 18:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-03-31 14:25 - 2012-09-25 18:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-03-31 14:25 - 2011-12-14 18:38 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-03-31 14:25 - 2011-12-14 18:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-03-31 14:24 - 2014-01-30 12:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-31 14:24 - 2014-01-30 09:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-31 14:24 - 2013-12-05 06:48 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-31 14:24 - 2013-12-05 04:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-31 14:24 - 2013-08-01 06:10 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-31 14:24 - 2013-08-01 05:37 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-03-31 14:24 - 2013-04-24 06:09 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-31 14:24 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-03-31 14:24 - 2013-04-24 04:10 - 01078272 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-31 14:24 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-03-31 14:24 - 2012-02-01 17:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2014-03-31 14:24 - 2010-05-04 21:40 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2014-03-31 14:24 - 2010-05-04 21:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshsq.dll
2014-03-31 14:23 - 2014-02-03 15:20 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-31 14:23 - 2014-02-03 12:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-31 14:23 - 2013-11-13 03:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-31 14:23 - 2013-11-13 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-31 14:23 - 2013-07-12 11:19 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-03-31 14:23 - 2013-07-10 11:47 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-03-31 14:23 - 2013-07-10 11:42 - 01303552 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-31 14:23 - 2013-06-04 06:16 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-31 14:23 - 2013-06-04 06:16 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-03-31 14:23 - 2013-06-04 04:01 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-31 14:23 - 2013-06-04 03:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-03-31 14:23 - 2013-04-17 15:04 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-03-31 14:23 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-03-31 14:23 - 2012-11-20 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-03-31 14:23 - 2012-11-20 06:21 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-31 14:23 - 2011-10-25 18:13 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-03-31 14:23 - 2011-10-25 17:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-03-31 14:22 - 2011-08-25 18:20 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-03-31 14:22 - 2011-08-25 18:19 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-03-31 14:22 - 2011-08-25 18:19 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-03-31 14:22 - 2011-08-25 18:15 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-03-31 14:22 - 2011-08-25 18:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-03-31 14:22 - 2011-08-25 18:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-03-31 14:22 - 2011-08-25 15:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll
2014-03-31 14:22 - 2011-08-25 15:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaccrc.dll
2014-03-31 14:22 - 2011-06-15 18:16 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-03-31 14:22 - 2011-06-15 18:12 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-03-31 14:21 - 2013-07-03 06:24 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wiafbdrv.dll
2014-03-31 14:21 - 2013-07-03 04:55 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-03-31 14:21 - 2013-07-03 04:22 - 00031616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-31 14:21 - 2011-11-16 18:43 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-03-31 14:21 - 2011-11-16 18:23 - 00377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-03-31 14:21 - 2011-10-14 19:31 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-03-31 14:21 - 2011-10-14 19:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mcicda.dll
2014-03-31 14:21 - 2011-10-14 19:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mciwave.dll
2014-03-31 14:21 - 2011-10-14 19:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll
2014-03-31 14:21 - 2011-10-14 18:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-03-31 14:21 - 2011-10-14 18:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciseq.dll
2014-03-31 14:20 - 2013-07-05 06:45 - 01423808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-31 14:20 - 2012-08-21 13:50 - 00267648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-03-31 14:20 - 2011-10-14 19:30 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-03-31 14:20 - 2011-10-14 18:02 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-03-31 14:19 - 2013-07-16 11:25 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-03-31 14:19 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-03-31 14:19 - 2011-04-21 16:17 - 00695296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-03-31 14:19 - 2009-06-17 12:37 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-03-31 14:18 - 2013-10-11 06:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-31 14:18 - 2013-10-11 06:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-31 14:18 - 2013-10-11 04:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-31 14:18 - 2013-10-11 04:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-31 14:18 - 2013-10-11 04:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-31 14:18 - 2013-10-11 04:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-03-31 14:18 - 2013-10-11 04:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2014-03-31 14:18 - 2013-10-11 02:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-03-31 14:18 - 2013-10-11 02:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-03-31 14:18 - 2013-10-03 17:03 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-31 14:18 - 2013-10-03 14:46 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-31 14:18 - 2013-07-20 12:45 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-31 14:18 - 2013-07-20 12:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-31 14:18 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-31 14:18 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-03-31 14:18 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-03-31 14:18 - 2013-07-08 06:15 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-31 14:18 - 2013-07-08 06:12 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-31 14:18 - 2013-07-08 06:12 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-31 14:18 - 2013-02-12 04:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-31 14:18 - 2012-11-02 12:47 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-31 14:18 - 2012-11-02 12:19 - 01400832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-03-31 14:18 - 2012-06-04 17:29 - 00516480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-31 14:18 - 2012-06-02 02:22 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-31 14:18 - 2012-06-02 02:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-03-31 14:18 - 2012-06-02 02:04 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-03-31 14:18 - 2011-11-16 18:42 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-31 14:18 - 2011-11-16 18:41 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-31 14:18 - 2011-11-16 16:34 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-31 14:17 - 2013-10-22 11:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-31 14:17 - 2013-10-22 09:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-31 14:17 - 2013-09-04 04:31 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-31 14:17 - 2013-07-04 06:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-03-31 14:17 - 2013-07-04 06:13 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-31 14:17 - 2013-06-27 01:00 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-31 14:17 - 2013-06-27 01:00 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-03-31 14:17 - 2013-06-27 01:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-03-31 14:17 - 2013-03-08 06:18 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-31 14:17 - 2012-11-22 06:22 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2014-03-31 14:17 - 2012-11-22 05:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2014-03-31 14:17 - 2012-11-08 06:26 - 01570816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-31 14:17 - 2012-11-08 05:48 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-03-31 14:17 - 2012-06-29 18:20 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-03-31 14:17 - 2012-06-29 18:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-03-31 14:17 - 2012-05-11 18:34 - 00788480 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-03-31 14:17 - 2012-05-11 17:57 - 00623616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localspl.dll
2014-03-31 14:16 - 2013-10-30 06:34 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-03-31 14:16 - 2013-10-30 05:55 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-31 14:16 - 2013-10-30 04:33 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-31 14:16 - 2013-06-29 04:25 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-31 14:16 - 2013-06-29 04:25 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-31 14:16 - 2013-06-29 04:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-31 14:16 - 2013-06-29 04:25 - 00007552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-31 14:16 - 2013-03-08 06:17 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-31 14:16 - 2013-03-08 05:52 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-31 14:16 - 2012-03-21 01:34 - 00072576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-03-31 14:16 - 2011-11-18 20:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-03-31 14:16 - 2011-11-18 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-03-31 14:16 - 2011-05-05 16:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-31 14:16 - 2011-05-05 16:17 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-03-31 14:15 - 2013-05-02 06:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-31 14:15 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-03-31 14:15 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll
2014-03-31 14:15 - 2012-06-08 19:59 - 12899840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-31 14:15 - 2012-06-08 19:47 - 11586048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-31 14:15 - 2011-07-29 18:08 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-03-31 14:15 - 2011-07-29 18:08 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-03-31 14:15 - 2011-07-29 18:06 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-03-31 14:15 - 2011-07-29 18:06 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-03-31 14:15 - 2011-07-29 18:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-03-31 14:15 - 2011-07-29 18:01 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-03-31 14:15 - 2011-07-29 18:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-03-31 14:15 - 2011-07-29 18:00 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-03-31 14:01 - 2012-11-02 12:45 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-03-31 14:01 - 2012-11-02 12:45 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2014-03-31 14:01 - 2012-11-02 12:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-03-31 14:01 - 2012-11-02 10:59 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2014-03-31 14:01 - 2012-11-02 10:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2014-03-31 13:46 - 2012-01-09 18:16 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-03-31 13:46 - 2012-01-09 17:54 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-03-31 13:13 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-03-31 13:13 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-03-31 13:13 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-03-31 13:13 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-03-31 13:12 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-03-31 13:12 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-03-31 13:12 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-03-31 13:12 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-03-31 13:12 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-03-31 13:12 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-03-31 13:12 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-03-31 13:12 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-03-31 13:12 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-03-31 13:12 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-03-31 11:54 - 2014-03-31 11:54 - 00046767 _____ () C:\Users\Timmi\Desktop\Addition.txt
2014-03-31 11:53 - 2014-04-09 12:41 - 00019196 _____ () C:\Users\Timmi\Desktop\FRST.txt
2014-03-31 11:47 - 2014-03-31 11:48 - 00046767 _____ () C:\Users\Timmi\Downloads\Addition.txt
2014-03-31 11:45 - 2014-04-09 12:41 - 00000000 ____D () C:\FRST
2014-03-31 11:45 - 2014-03-31 11:48 - 00045999 _____ () C:\Users\Timmi\Downloads\FRST.txt
2014-03-31 11:45 - 2014-03-31 11:45 - 02157056 _____ (Farbar) C:\Users\Timmi\Downloads\FRST64.exe
2014-03-31 11:25 - 2014-03-31 11:25 - 00001046 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-03-31 01:25 - 2014-03-31 01:25 - 00000000 ____D () C:\Users\Timmi\Documents\Bluetooth-Exchange-Ordner
2014-03-31 01:01 - 2014-03-31 01:04 - 00000000 ____D () C:\Windows\SysWOW64\vi-VN
2014-03-31 01:01 - 2014-03-31 01:04 - 00000000 ____D () C:\Windows\SysWOW64\eu-ES
2014-03-31 01:01 - 2014-03-31 01:04 - 00000000 ____D () C:\Windows\SysWOW64\ca-ES
2014-03-31 01:01 - 2014-03-31 01:03 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-03-31 01:01 - 2014-03-31 01:02 - 00000000 ____D () C:\Windows\system32\vi-VN
2014-03-31 01:01 - 2014-03-31 01:02 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-03-30 19:28 - 2014-03-30 19:28 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-03-29 11:57 - 2014-04-05 12:58 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-29 11:56 - 2014-03-29 11:56 - 00000943 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-29 11:56 - 2014-03-29 11:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 11:56 - 2014-03-29 11:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-29 11:56 - 2014-03-05 10:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-29 11:56 - 2014-03-05 10:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-29 11:56 - 2014-03-05 10:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-29 11:44 - 2014-03-29 11:44 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Timmi\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 00:35 - 2014-03-27 00:36 - 00000000 ____D () C:\Users\Timmi\Desktop\Judo WEttkampflizenz
2014-03-26 12:39 - 2014-03-26 12:49 - 00000000 ____D () C:\Users\Timmi\Desktop\Camino de la Muerte
2014-03-24 11:33 - 2014-03-24 11:33 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\Avira
2014-03-24 11:25 - 2014-02-25 12:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-03-24 11:25 - 2014-02-25 12:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-03-24 11:25 - 2014-02-25 12:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-03-24 11:18 - 2014-03-31 11:26 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-24 11:18 - 2014-03-31 11:25 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-24 11:18 - 2014-03-24 11:25 - 00000000 ____D () C:\ProgramData\Avira
2014-03-24 11:17 - 2014-03-24 11:17 - 04051104 _____ (Avira Operations GmbH & Co. KG) C:\Users\Timmi\Downloads\avira_de_av___ws(1).exe
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGTDIA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGRKX64.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGLOGA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGIDSHA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGIDSDRIVERA.SYS
2014-03-24 01:50 - 2014-03-24 01:50 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\TuneUp Software
2014-03-24 01:48 - 2014-03-24 02:08 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-24 01:30 - 2014-03-24 11:00 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-24 01:30 - 2014-03-24 01:30 - 00000000 ____D () C:\Users\Timmi\AppData\Local\MFAData
2014-03-24 01:29 - 2014-03-24 01:29 - 04462384 _____ (AVG Technologies) C:\Users\Timmi\Downloads\avg_free_stb_all_2014_4335_cnet.exe
2014-03-24 00:21 - 2014-03-24 00:21 - 00000000 ____D () C:\Users\Timmi\Desktop\Fotos Chile antofa
2014-03-19 17:31 - 2014-03-19 17:31 - 00000000 ____D () C:\Users\Timmi\AppData\Local\Skype
2014-03-16 23:27 - 2014-03-16 23:27 - 00000450 _____ () C:\Users\Timmi\Desktop\eset.txt
2014-03-16 21:39 - 2014-03-17 09:21 - 04051048 _____ (Avira Operations GmbH & Co. KG) C:\Users\Timmi\Downloads\avira_de_av___ws.exe
2014-03-16 20:08 - 2014-03-16 20:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-16 20:07 - 2014-03-16 20:07 - 02347384 _____ (ESET) C:\Users\Timmi\Downloads\esetsmartinstaller_enu.exe

==================== One Month Modified Files and Folders =======

2014-04-09 12:41 - 2014-03-31 11:53 - 00019196 _____ () C:\Users\Timmi\Desktop\FRST.txt
2014-04-09 12:41 - 2014-03-31 11:45 - 00000000 ____D () C:\FRST
2014-04-09 12:40 - 2014-04-09 12:40 - 00104157 _____ () C:\Users\Timmi\Desktop\FRSTneeu.txt
2014-04-09 12:32 - 2014-04-09 12:32 - 02157056 _____ (Farbar) C:\Users\Timmi\Desktop\FRST64(1).exe
2014-04-09 12:30 - 2014-04-09 12:30 - 00001966 _____ () C:\Users\Timmi\Desktop\JRT1.txt
2014-04-09 12:27 - 2014-04-09 12:27 - 00001966 _____ () C:\Users\Timmi\Desktop\JRT.txt
2014-04-09 12:20 - 2014-04-09 12:20 - 00009616 _____ () C:\Users\Timmi\Desktop\AdwCleaner[S0].txt
2014-04-09 12:20 - 2014-04-09 12:20 - 00000000 ____D () C:\Windows\ERUNT
2014-04-09 12:20 - 2013-06-04 16:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-09 12:19 - 2014-04-09 12:19 - 01016261 _____ (Thisisu) C:\Users\Timmi\Desktop\JRT.exe
2014-04-09 12:17 - 2008-09-19 14:44 - 01692409 _____ () C:\Windows\WindowsUpdate.log
2014-04-09 12:15 - 2008-07-31 10:37 - 00003574 _____ () C:\Windows\System32\Tasks\HP Health Check
2014-04-09 12:11 - 2012-05-15 14:08 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-09 12:11 - 2011-01-31 23:48 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-09 12:11 - 2008-09-19 15:33 - 00192525 _____ () C:\ProgramData\nvModes.001
2014-04-09 12:10 - 2012-12-27 16:45 - 00000000 ____D () C:\Users\Timmi\AppData\Local\LogMeIn Hamachi
2014-04-09 12:10 - 2008-09-19 15:33 - 00192525 _____ () C:\ProgramData\nvModes.dat
2014-04-09 12:09 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-09 12:09 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-09 12:09 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-09 12:06 - 2014-04-09 12:03 - 00000000 ____D () C:\AdwCleaner
2014-04-09 12:06 - 2008-07-31 08:37 - 00005332 _____ () C:\Windows\bthservsdp.dat
2014-04-09 12:06 - 2006-11-02 17:42 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-09 12:02 - 2008-11-02 17:28 - 00230400 _____ () C:\Users\Timmi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-09 12:01 - 2014-04-09 12:01 - 01426178 _____ () C:\Users\Timmi\Desktop\adwcleaner.exe
2014-04-09 11:59 - 2014-04-08 23:38 - 00000009 _____ () C:\Users\Timmi\Desktop\Neues Textdokument.txt
2014-04-09 11:53 - 2012-05-15 14:08 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-09 11:43 - 2012-01-08 03:06 - 00000000 ____D () C:\Users\Timmi\Desktop\z
2014-04-09 09:48 - 2008-07-31 10:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 09:47 - 2014-03-01 15:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 09:44 - 2006-11-02 14:35 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-08 19:11 - 2014-04-01 16:29 - 00003694 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C5D567EC-3CC0-4F9B-B625-88CD4C96BBD4}
2014-04-07 23:09 - 2014-04-07 15:15 - 00124879 _____ () C:\Users\Timmi\Desktop\Kohlenstoffisotopentrends an der Devon.pptx
2014-04-07 20:05 - 2012-08-15 21:20 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\Spotify
2014-04-07 19:48 - 2012-08-15 21:21 - 00000000 ____D () C:\Users\Timmi\AppData\Local\Spotify
2014-04-06 23:44 - 2012-03-04 01:59 - 00000000 ____D () C:\Program Files\savegame
2014-04-06 18:32 - 2012-03-04 01:59 - 00000000 ____D () C:\Program Files\data
2014-04-06 08:42 - 2010-01-02 19:29 - 00000000 _____ () C:\Users\Timmi\AppData\Local\FnF4.txt
2014-04-05 21:21 - 2008-11-02 17:30 - 00000021 _____ () C:\ProgramData\hpqp.txt
2014-04-05 13:42 - 2014-04-05 13:42 - 00030556 _____ () C:\ComboFix.txt
2014-04-05 13:42 - 2014-04-05 13:04 - 00000000 ____D () C:\ComboFix
2014-04-05 13:42 - 2014-04-05 13:02 - 00000000 ____D () C:\Qoobox
2014-04-05 13:40 - 2014-04-05 13:00 - 00000000 ____D () C:\Windows\erdnt
2014-04-05 13:32 - 2006-11-02 14:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-05 13:25 - 2008-01-21 05:26 - 00344286 _____ () C:\Windows\PFRO.log
2014-04-05 13:23 - 2006-11-02 14:33 - 92536832 _____ () C:\Windows\system32\config\software.bak
2014-04-05 13:23 - 2006-11-02 14:33 - 59768832 _____ () C:\Windows\system32\config\components.bak
2014-04-05 13:23 - 2006-11-02 14:33 - 30146560 _____ () C:\Windows\system32\config\system.bak
2014-04-05 13:23 - 2006-11-02 14:33 - 00524288 _____ () C:\Windows\system32\config\default.bak
2014-04-05 13:23 - 2006-11-02 14:33 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-04-05 13:23 - 2006-11-02 14:33 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-04-05 13:00 - 2008-07-31 18:17 - 00673934 _____ () C:\Windows\system32\perfh007.dat
2014-04-05 13:00 - 2008-07-31 18:17 - 00145914 _____ () C:\Windows\system32\perfc007.dat
2014-04-05 13:00 - 2006-11-02 14:46 - 01566088 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-05 12:58 - 2014-03-29 11:57 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 12:57 - 2014-04-05 12:57 - 05193579 ____R (Swearware) C:\Users\Timmi\Desktop\ComboFix.exe
2014-04-05 12:57 - 2014-04-05 12:57 - 05193579 _____ (Swearware) C:\Users\Timmi\Downloads\ComboFix.exe
2014-04-05 12:54 - 2014-04-05 12:54 - 00000000 ____D () C:\Users\Timmi\Desktop\Alte Firefox-Daten
2014-04-04 13:18 - 2006-11-02 17:27 - 00250593 _____ () C:\Windows\setupact.log
2014-04-02 18:36 - 2013-06-04 14:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-02 13:08 - 2014-04-01 04:44 - 01541688 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-04-02 13:02 - 2014-04-02 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-01 14:10 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache
2014-04-01 11:49 - 2014-04-01 11:49 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-01 11:46 - 2008-11-02 16:37 - 00000981 _____ () C:\Users\Timmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-01 11:46 - 2008-11-02 16:37 - 00000951 _____ () C:\Users\Timmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-04-01 11:42 - 2006-11-02 17:21 - 02563968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-01 05:35 - 2014-04-01 05:35 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-01 05:35 - 2014-04-01 05:35 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-01 05:35 - 2006-11-02 17:07 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-04-01 05:35 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Journal
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\th-TH
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\he-IL
2014-04-01 05:35 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\et-EE
2014-04-01 05:35 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-04-01 05:35 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-04-01 05:34 - 2006-11-02 15:33 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-04-01 05:34 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-01 05:34 - 2006-11-02 15:33 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-01 05:33 - 2014-04-01 05:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2014-04-01 05:31 - 2014-04-01 05:31 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2014-04-01 04:14 - 2014-04-01 04:07 - 00004461 _____ () C:\Windows\IE9_main.log
2014-04-01 04:13 - 2014-04-01 04:13 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-04-01 04:13 - 2014-04-01 04:13 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-01 04:13 - 2014-04-01 04:13 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-01 04:13 - 2014-04-01 04:13 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-04-01 04:13 - 2014-04-01 04:13 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-01 04:13 - 2014-04-01 04:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-04-01 04:13 - 2014-04-01 04:13 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-04-01 04:13 - 2014-04-01 04:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-04-01 04:13 - 2014-04-01 04:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-01 04:13 - 2006-11-02 14:16 - 00008798 _____ () C:\Windows\SysWOW64\icrav03.rat
2014-04-01 04:13 - 2006-11-02 14:16 - 00001988 _____ () C:\Windows\SysWOW64\ticrf.rat
2014-04-01 04:13 - 2006-11-02 08:36 - 00008798 _____ () C:\Windows\system32\icrav03.rat
2014-04-01 04:13 - 2006-11-02 08:36 - 00001988 _____ () C:\Windows\system32\ticrf.rat
2014-04-01 04:10 - 2014-04-01 04:10 - 03548672 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 03068416 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01554432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01075712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 01032192 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-04-01 04:10 - 2014-04-01 04:10 - 00979456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFH264Dec.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00847360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00586240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-04-01 04:10 - 2014-04-01 04:10 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFHEAACdec.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4src.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00258048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-04-01 04:10 - 2014-04-01 04:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-04-01 04:10 - 2014-04-01 04:10 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-04-01 04:09 - 2014-04-01 04:09 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00792576 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2014-04-01 04:09 - 2014-04-01 04:09 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
2014-04-01 04:09 - 2014-04-01 04:09 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2014-04-01 04:09 - 2014-04-01 04:09 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-31 11:54 - 2014-03-31 11:54 - 00046767 _____ () C:\Users\Timmi\Desktop\Addition.txt
2014-03-31 11:48 - 2014-03-31 11:47 - 00046767 _____ () C:\Users\Timmi\Downloads\Addition.txt
2014-03-31 11:48 - 2014-03-31 11:45 - 00045999 _____ () C:\Users\Timmi\Downloads\FRST.txt
2014-03-31 11:45 - 2014-03-31 11:45 - 02157056 _____ (Farbar) C:\Users\Timmi\Downloads\FRST64.exe
2014-03-31 11:26 - 2014-03-24 11:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-31 11:25 - 2014-03-31 11:25 - 00001046 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-03-31 11:25 - 2014-03-24 11:18 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-31 01:25 - 2014-03-31 01:25 - 00000000 ____D () C:\Users\Timmi\Documents\Bluetooth-Exchange-Ordner
2014-03-31 01:23 - 2008-11-02 16:36 - 00000917 _____ () C:\Users\Timmi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-03-31 01:06 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-03-31 01:06 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2014-03-31 01:06 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Collaboration
2014-03-31 01:06 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Movie Maker
2014-03-31 01:05 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-31 01:05 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-03-31 01:05 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Gallery
2014-03-31 01:05 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files (x86)\Windows Calendar
2014-03-31 01:05 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\servicing
2014-03-31 01:04 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\SysWOW64\vi-VN
2014-03-31 01:04 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\SysWOW64\eu-ES
2014-03-31 01:04 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\SysWOW64\ca-ES
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\SLUI
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-03-31 01:04 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-03-31 01:03 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-03-31 01:03 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\oobe
2014-03-31 01:03 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\IME
2014-03-31 01:02 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\system32\vi-VN
2014-03-31 01:02 - 2014-03-31 01:01 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\SLUI
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\setup
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\migwiz
2014-03-31 01:02 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-03-31 01:02 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-03-31 00:49 - 2008-09-19 15:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-30 21:45 - 2009-07-24 19:51 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\vlc
2014-03-30 20:56 - 2008-11-02 21:14 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-30 20:48 - 2012-05-15 14:08 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 20:48 - 2012-05-15 14:08 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-30 19:28 - 2014-03-30 19:28 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-03-30 18:49 - 2012-04-17 19:50 - 00000000 ____D () C:\Users\Timmi\Documents\altes_zeug
2014-03-30 18:48 - 2008-11-02 16:48 - 00000000 ____D () C:\Users\Timmi\Documents\Meine empfangenen Dateien
2014-03-30 18:39 - 2013-03-13 14:36 - 00000000 ___RD () C:\Users\Timmi\Desktop\Bachelorarbeit
2014-03-30 18:36 - 2013-06-01 10:23 - 00000000 ____D () C:\Users\Timmi\Desktop\chile_tutor
2014-03-30 18:36 - 2013-01-15 23:41 - 00000000 ____D () C:\Users\Timmi\Desktop\JUDO_TRAINER
2014-03-30 18:36 - 2010-11-15 22:41 - 00000000 ___RD () C:\Users\Timmi\Desktop\Studium
2014-03-30 18:33 - 2013-07-29 23:19 - 00000000 ____D () C:\Users\Timmi\Desktop\fotos vom Handy
2014-03-29 12:24 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\Globalization
2014-03-29 12:22 - 2008-11-02 21:46 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-03-29 11:56 - 2014-03-29 11:56 - 00000943 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-29 11:56 - 2014-03-29 11:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 11:56 - 2014-03-29 11:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-29 11:44 - 2014-03-29 11:44 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Timmi\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 00:36 - 2014-03-27 00:35 - 00000000 ____D () C:\Users\Timmi\Desktop\Judo WEttkampflizenz
2014-03-26 12:51 - 2012-11-04 19:55 - 00000000 ____D () C:\Users\Timmi\Desktop\Foto für Leinwand
2014-03-26 12:49 - 2014-03-26 12:39 - 00000000 ____D () C:\Users\Timmi\Desktop\Camino de la Muerte
2014-03-26 01:34 - 2012-03-04 01:59 - 00000000 ____D () C:\Program Files\models
2014-03-24 11:33 - 2014-03-24 11:33 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\Avira
2014-03-24 11:25 - 2014-03-24 11:18 - 00000000 ____D () C:\ProgramData\Avira
2014-03-24 11:17 - 2014-03-24 11:17 - 04051104 _____ (Avira Operations GmbH & Co. KG) C:\Users\Timmi\Downloads\avira_de_av___ws(1).exe
2014-03-24 11:00 - 2014-03-24 01:30 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-24 02:08 - 2014-03-24 01:48 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGTDIA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGRKX64.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGLOGA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGIDSHA.SYS
2014-03-24 01:55 - 2014-03-24 01:55 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\AVGIDSDRIVERA.SYS
2014-03-24 01:50 - 2014-03-24 01:50 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\TuneUp Software
2014-03-24 01:30 - 2014-03-24 01:30 - 00000000 ____D () C:\Users\Timmi\AppData\Local\MFAData
2014-03-24 01:29 - 2014-03-24 01:29 - 04462384 _____ (AVG Technologies) C:\Users\Timmi\Downloads\avg_free_stb_all_2014_4335_cnet.exe
2014-03-24 00:21 - 2014-03-24 00:21 - 00000000 ____D () C:\Users\Timmi\Desktop\Fotos Chile antofa
2014-03-23 14:57 - 2009-08-03 15:37 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\dvdcss
2014-03-20 16:50 - 2008-11-02 17:57 - 00000000 ____D () C:\Users\Timmi\AppData\Roaming\Skype
2014-03-20 13:21 - 2008-12-09 08:03 - 00007592 _____ () C:\Users\Timmi\AppData\Local\d3d9caps.dat
2014-03-19 17:31 - 2014-03-19 17:31 - 00000000 ____D () C:\Users\Timmi\AppData\Local\Skype
2014-03-19 17:30 - 2012-04-11 17:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-19 17:30 - 2008-11-02 17:20 - 00000000 ____D () C:\ProgramData\Skype
2014-03-17 09:21 - 2014-03-16 21:39 - 04051048 _____ (Avira Operations GmbH & Co. KG) C:\Users\Timmi\Downloads\avira_de_av___ws.exe
2014-03-16 23:27 - 2014-03-16 23:27 - 00000450 _____ () C:\Users\Timmi\Desktop\eset.txt
2014-03-16 20:08 - 2014-03-16 20:08 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-16 20:07 - 2014-03-16 20:07 - 02347384 _____ (ESET) C:\Users\Timmi\Downloads\esetsmartinstaller_enu.exe
2014-03-12 16:24 - 2013-06-04 16:47 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 16:24 - 2013-06-04 16:47 - 00003738 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 16:24 - 2011-12-04 22:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
C:\ProgramData\DVD.exe
C:\ProgramData\ezsid.dat
C:\ProgramData\Games.exe
C:\ProgramData\Karaoke.exe
C:\ProgramData\MobileTV.exe
C:\ProgramData\MPV.exe


Some content of TEMP:
====================
C:\Users\Timmi\AppData\Local\Temp\avgnt.exe
C:\Users\Timmi\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Timmi\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-09 12:18

==================== End Of Log ============================
         
--- --- ---

--- --- ---


4. Addition.txt kann ich dann im nächsten Post reinstellen. Alles zusammen hatte zu viele Zeichen für einen Post.
Vielen Dank für alles! Die Ordner auf meiner ext. Festplatte sind wieder aufgetaucht. 3 Ordnerverknüpfungen sind jedoch noch da.

Alt 09.04.2014, 13:44   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Neue addition.txt bitte auch posten. Falls keine neue erstellt wurde hast du nen Haken vergessen.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 09.04.2014, 13:51   #15
TimoH
 
Verdacht: Trojaner auf externer Festplatte - Standard

Verdacht: Trojaner auf externer Festplatte



Adition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Timmi at 2014-04-09 12:42:14
Running from C:\Users\Timmi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version:  - )
Apple Application Support (HKLM-x32\...\{B3575D00-27EF-49C2-B9E0-14B3D954E992}) (Version: 1.5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
AVerMedia A309 (MiniCard, DVB-T) 1.0.64.45 (HKLM-x32\...\AVerMedia A309 (MiniCard, DVB-T)) (Version: 1.0.64.45 - AVerMedia TECHNOLOGIES, Inc.)
Avira (HKLM-x32\...\{628220ce-1d5b-48fe-8fc8-73b111141180}) (Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.0.5197.30752 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bonjour (HKLM\...\{0E543634-7E25-4B8F-8D5B-97880E5E5088}) (Version: 2.0.5.0 - Apple Inc.)
Bonnprint/iText (HKLM-x32\...\BPiText) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{761B6C00-A23A-4F17-9D23-CB7E48307314}) (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - DE (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - DE (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x32 Version: 16.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM-x32\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0.0.486 - Corel Corporation)
CyberLink DVD Suite (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1519 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.1616 - CyberLink Corp.) Hidden
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
Die Völker 2 Gold Edition (HKLM-x32\...\{8C0A88AE-8388-42D5-9134-149BCD77E4F2}) (Version: 2.0.2 - JoWooD Productions Software AG)
DigitalPersona Personal 3.0.1 (HKLM\...\{20D621AE-A08D-4009-9489-73D0B7D96537}) (Version: 3.0.1 - DigitalPersona, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
ERDAS IMAGINE 8.5 (HKLM-x32\...\ERDAS IMAGINE 8.5) (Version:  - )
ERDAS IMAGINE 9.1 (HKLM-x32\...\{AC884A85-6A98-4E03-A708-431E1F1682FA}) (Version: 9.1 - Leica Geosystems Geospatial Imaging, LLC)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESU for Microsoft Vista (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Facebook Plug-In (HKCU\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Free 3GP Video Converter version 3.1 (HKLM-x32\...\Free 3GP Video Converter_is1) (Version:  - DVD Video Soft Limited.)
Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free DVD Video Burner version 1.1 (HKLM-x32\...\Free DVD Video Burner_is1) (Version:  - DVD Video Soft Limited.)
Free Studio version 4.3 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Free Video to DVD Converter version 1.1 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version:  - DVD Video Soft Limited.)
Free Video to iPod Converter version 3.1 (HKLM-x32\...\Free Video to iPod Converter_is1) (Version:  - DVD Video Soft Limited.)
Free Video to Mp3 Converter version 3.1 (HKLM-x32\...\Free Video to Mp3 Converter_is1) (Version:  - DVD Video Soft Limited.)
Free YouTube Download 2.2 (HKLM-x32\...\Free YouTube Download_is1) (Version:  - DVD Video Soft Limited.)
Free YouTube Uploader version 2.2 (HKLM-x32\...\Free YouTube Uploader_is1) (Version:  - DVD Video Soft Limited.)
FreeCommander 2009.02b (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
HP Active Support Library (x32 Version: 3.1.6.1 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (HKLM-x32\...\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Doc Viewer (HKLM-x32\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.01.0005 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM-x32\...\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Help and Support (HKLM-x32\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6204 - HP)
HP Quick Launch Buttons 6.40 D1 (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 D1 - Hewlett-Packard)
HP QuickPlay 3.7 (HKLM-x32\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - Hewlett-Packard)
HP QuickTouch 1.00 D2 (HKLM\...\{1AD2F8FE-A357-4728-BDF8-B92D794CE793}) (Version: 1.0.9 - Hewlett-Packard)
HP Total Care Advisor (HKLM-x32\...\{f32502b5-5b64-4882-bf61-77f23edcac4f}) (Version: 2.1.3359.2635 - Hewlett-Packard)
HP Update (HKLM-x32\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)
HP User Guides 0103 (HKLM-x32\...\{B8169E45-8E23-430B-91D1-EC64540C8ED0}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{340F521E-3576-4E1A-B75C-EB0ACF751379}) (Version: 3.00 J1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6017.13 - IDT)
Interaktive Sprachreise - English Kommunikationstrainer (HKLM-x32\...\KTE_15_676826) (Version:  - digital publishing AG)
iTunes (HKLM\...\{BCF07271-A853-4D3A-B668-4B752174CAA8}) (Version: 10.3.1.55 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216011FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java(TM) 6 Update 6 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160060}) (Version: 1.6.0.60 - Sun Microsystems, Inc.)
Java(TM) 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
JMicron JMB38X Flash Media Controller (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.16.01 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2719 - CyberLink Corp.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Majesty (HKLM-x32\...\{CEAF3507-FCB3-11D2-850C-00C0F01410B1}) (Version:  - )
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) (x32 Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) German (x32 Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM-x32\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM-x32\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
My HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.43 - WildTangent)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Open Freely (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66C3}_is1) (Version: 1.0 - Download Freely, LLC)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4518 - CyberLink Corp.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3919 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2719 - CyberLink Corp.)
PowerDirector (x32 Version: 6.5.2719 - CyberLink Corp.) Hidden
ProtectSmart Hard Drive Protection (HKLM\...\{191C1158-D287-4074-B749-D4CDD321E062}) (Version: 3.10.1.7 - Hewlett-Packard)
Quantum GIS Wroclaw 1.7.4 Wroclaw (HKLM-x32\...\Quantum GIS Wroclaw) (Version: 1.7.4-r67332-1 - QGIS Development Team)
QuickPlay SlingPlayer 0.4.6 (HKLM-x32\...\SlingMedia.QPSlingPlayer_is1) (Version: 0.4.6 - SlingMedia)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12064_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12064_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.4.0 - Synaptics)
TAS (HKLM-x32\...\DhtDeinstKey) (Version:  - )
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
Tropico (HKLM-x32\...\{818FB39B-1A57-4F1B-A54D-391C33D6C586}) (Version:  - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Validity Sensors software (HKLM\...\{567E8236-C414-4888-8211-3D61608D57AE}) (Version: 2.7.39 - Validity Sensors, Inc.)
Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core - German (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.0.0 (HKLM-x32\...\VLC media player) (Version: 1.0.0 - VideoLAN Team)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

30-03-2014 17:35:50 Windows Vista™ Service Pack 2
31-03-2014 11:11:07 Windows Update
01-04-2014 01:00:32 Windows Update
01-04-2014 15:39:27 Geplanter Prüfpunkt
02-04-2014 10:51:24 Windows Update
08-04-2014 17:11:58 Windows Update
09-04-2014 07:41:15 Windows Update

==================== Hosts content: ==========================

2006-11-02 14:34 - 2014-04-05 13:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {41B89B59-CFEA-4BC3-A0A4-65A2E94507C0} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
Task: {4966F2ED-6344-4806-A63E-A62B31E21079} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15] (Google Inc.)
Task: {6B331582-89A1-462C-83BB-5D60FBB0AE39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-15] (Google Inc.)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {C2E438EC-409D-4AC1-B2ED-47C781AEE9B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {C451ACF6-F5B0-4221-898B-A989CC0FCD45} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C9A6BB9E-7C3A-4E92-9300-8579E5CEED11} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-13 19:49 - 2009-11-04 14:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeadrpp.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00292216 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
2008-07-31 09:17 - 2008-06-25 22:36 - 00116080 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
2008-07-31 10:30 - 2008-04-26 01:15 - 00361808 _____ () C:\Windows\SMINST\BLService.exe
2008-07-31 10:22 - 2007-01-09 11:25 - 00272024 _____ () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2008-06-19 13:59 - 2008-06-19 13:59 - 00167936 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-07-31 09:16 - 2008-06-25 22:34 - 00074536 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\Common\MCEMediaStatus64.dll
2008-04-11 08:49 - 2008-04-11 08:49 - 00685360 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
2014-03-24 11:25 - 2014-02-25 12:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00259480 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2008-07-31 09:17 - 2008-06-25 22:36 - 00038184 _____ () C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
2008-07-31 10:30 - 2007-11-15 01:46 - 00126976 _____ () C:\Windows\SMINST\STWmiM.dll
2014-03-25 17:07 - 2014-03-25 17:07 - 00137808 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-03-25 17:07 - 2014-03-25 17:07 - 00063568 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2009-09-04 23:15 - 2009-09-04 23:15 - 00067872 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-05 13:33 - 2014-03-25 17:07 - 00049744 _____ () C:\Users\Timmi\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-04-02 13:02 - 2014-04-02 13:02 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-12 16:24 - 2014-03-12 16:24 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Microsoft-6zu4-Adapter #7
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/09/2014 00:32:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (02/19/2012 07:05:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 407 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (02/06/2012 10:46:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10141 seconds with 4920 seconds of active time.  This session ended with a crash.

Error: (06/07/2011 11:46:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-04-09 12:42:07.772
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-09 12:42:07.633
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-09 12:42:07.495
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-09 12:42:07.357
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-09 12:42:07.087
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-09 12:42:06.949
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-09 12:42:06.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-09 12:42:06.672
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-09 12:41:05.437
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-09 12:41:05.298
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 4092.03 MB
Available physical RAM: 2059.32 MB
Total Pagefile: 8407.3 MB
Available Pagefile: 6000.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:288.17 GB) (Free:11.29 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:298.09 GB) (Free:140.99 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:9.92 GB) (Free:1.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:282.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 07D207D1)
Partition 1: (Active) - (Size=288 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: 71A60E69)
Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: CFEBFFCA)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Antwort

Themen zu Verdacht: Trojaner auf externer Festplatte
avira, dateien, externe, externe festplatte, externer, festplatt, festplatte, fotos, fund, führt, gen, größe, nicht mehr, ordner, ordners, platt, platte, retten, teilweise, troja, trojaner, ursprung, verdacht, verlinkte, viren



Ähnliche Themen: Verdacht: Trojaner auf externer Festplatte


  1. Trojaner von externer Festplatte in avast! Container verschoben. Und jetzt?
    Plagegeister aller Art und deren Bekämpfung - 19.05.2013 (28)
  2. Trojaner Sirefef.Ag.9/Pidief.hck auf 2 PCs + externer Festplatte
    Log-Analyse und Auswertung - 26.02.2013 (3)
  3. Trojaner e621ca05.exe auf externer Festplatte. Ist auch mein Rechner befallen?
    Log-Analyse und Auswertung - 21.11.2012 (10)
  4. Dropper und Trojaner in Externer Festplatte - Fake Meldung?
    Plagegeister aller Art und deren Bekämpfung - 24.08.2012 (4)
  5. Trojaner versteckt Dateien auf externer Festplatte
    Plagegeister aller Art und deren Bekämpfung - 21.05.2012 (1)
  6. Trojaner auf externer Festplatte - Aus Ordnern wurden Verlinkungen
    Plagegeister aller Art und deren Bekämpfung - 31.01.2012 (3)
  7. autorun.inf auf externer Festplatte !
    Plagegeister aller Art und deren Bekämpfung - 05.09.2011 (5)
  8. Trojaner auf Externer Festplatte - Kein zuriff auf Ordner
    Plagegeister aller Art und deren Bekämpfung - 05.08.2011 (34)
  9. Windows Recovery Trojaner - erste Bekämpfung und Frage zu externer Festplatte
    Log-Analyse und Auswertung - 30.04.2011 (12)
  10. Gefahr für Mac durch Trojaner/Malware auf externer Festplatte?
    Alles rund um Mac OSX & Linux - 07.04.2011 (39)
  11. Virus autorun.inf auf Festplatte, externer Festplatte und USB
    Plagegeister aller Art und deren Bekämpfung - 15.02.2011 (20)
  12. Trojaner Fund TR/StartPage.PVU & TR/Dldr.Age.1171323 auf externer Festplatte
    Log-Analyse und Auswertung - 28.01.2011 (1)
  13. Trojaner im Recycler auf externer Festplatte gefunden: TR/Autorun.nt
    Plagegeister aller Art und deren Bekämpfung - 20.10.2010 (3)
  14. Sparkassen-Trojaner (40 TANs) von externer Festplatte entfernen
    Plagegeister aller Art und deren Bekämpfung - 06.08.2010 (16)
  15. Virus (Trojaner Win32 Fake/AV) auf externer Festplatte
    Plagegeister aller Art und deren Bekämpfung - 03.02.2010 (1)
  16. Trojaner (trojan.downloader) auf externer Festplatte.
    Log-Analyse und Auswertung - 18.05.2009 (0)
  17. Trojaner auf externer Festplatte
    Mülltonne - 03.07.2008 (0)

Zum Thema Verdacht: Trojaner auf externer Festplatte - Hallo, ich habe den Verdacht, dass meine externe Festplatte mit Viren überflutet ist. Die Ordner sind teilweise nicht mehr zu finden, teilweise nur noch als Verlinkungen angezeigt. Wenn ich die - Verdacht: Trojaner auf externer Festplatte...
Archiv
Du betrachtest: Verdacht: Trojaner auf externer Festplatte auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.