Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: Proxy angeblich auf localhost:21320

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 02.04.2014, 11:57   #1
ikeike
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Hallo,

ich nutze das Wiso Steuer Sparbuch.
Wenn ich ein Update machen möchte, bekomme ich seit gestern die Fehlermeldung:
Proxyserver reagiert nicht.
Überprüfen Sie die Proxyeinstellungen localhost:21320

Unter Internetoptionen > Verbindungen > LAN-Einstellungen ist aber kein Proxy eingerichtet!
An der Firewall habe ich - meines Wissens - auch nichts verändert.

Nachdem ich bei Google nichts finde, auch nicht im Zusammenhang mit Wiso, habe ich jetzt den Verdacht, dass ich mir etwas eingefangen habe. Kann das sein?

Die "Anleitung für Hilfesuchende" habe ich durchgelesen und die einzelnen Schritte durchgeführt.
Hinweis: ich nutze den Rechner auch als Freiberuflerin.

Defogger wurde ohne Fehler beendet.
Avira findet bei einem kompletten Systemscan nichts.

FRST.txt
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by ike (ATTENTION: The logged in user is not administrator) on SIXTYFIVE on 02-04-2014 11:21:07
Running from C:\Users\ike\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(LaCie) C:\Users\ike\AppData\Roaming\Wuala\Wuala.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Zoom\TpScrex.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [X]
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [picon] - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63784 2013-08-20] (Lenovo)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM-x32\...\Run: [PWMTRV] - rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-04-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [MyPhoneExplorer] - C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe [5127896 2013-09-02] (F.J. Wechselberger)
HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\MountPoints2: {6bc48649-2ce5-11e1-8cfa-806e6f6e6963} - D:\SETUP.EXE
HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\MountPoints2: {ed1c6d4f-45ac-11e1-840b-005056c00008} - H:\SETUP.EXE
Lsa: [Notification Packages] scecli ACGina
Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk
ShortcutTarget: Wuala.lnk -> C:\Users\ike\AppData\Roaming\Wuala\Wuala.exe (LaCie)
Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2883572FA868CD01
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: HKLM-x32 {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://eu.secure.linde.com/,DSID=b4ac6b3a41ce43e43b63515bdec8448d,DanaInfo=mlgmuc00mail042.linde.lds.grp,ST=1+/dwa85W.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://secure.linde.com/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\ike\AppData\Roaming\mozilla\plugins\npMeetingJoinPluginAOCUser.dll ()
FF SearchPlugin: C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FRITZ!Box AddOn - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\fb_add_on@avm.de [2013-07-24]
FF Extension: Bitdefender QuickScan - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2013-10-07]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-01-03]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\elemhidehelper@adblockplus.org.xpi [2012-10-28]
FF Extension: Firebug - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\firebug@software.joehewitt.com.xpi [2012-01-03]
FF Extension: Ghostery - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\firefox@ghostery.com.xpi [2013-08-03]
FF Extension: It's All Text! - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\itsalltext@docwhat.gerf.org.xpi [2012-01-03]
FF Extension: ShareMeNot - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\sharemenot@franziroesner.com.xpi [2012-01-22]
FF Extension: SiteDelta - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\sitedelta@schierla.de.xpi [2012-01-03]
FF Extension: Tree Style Tab - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2012-01-03]
FF Extension: All-in-One Sidebar - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2012-01-03]
FF Extension: SmoothWheel (mozdev.org) - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2012-01-03]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2014-01-06]
FF Extension: NoScript - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-07-04]
FF Extension: Clip to OneNote - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{966762eb-7132-4081-ac70-20d20161ad96}.xpi [2012-01-17]
FF Extension: Tab Mix Plus - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2012-01-03]
FF Extension: Adblock Edge - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2012-10-28]

==================== Services (Whitelisted) =================

S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2010-02-05] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 ATService; C:\Windows\system32\ATService.exe [2713920 2010-02-05] (AuthenTec, Inc.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [515632 2013-05-21] (REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-09-03] (Lenovo.)
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2010-02-05] ()
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] ()
S3 hitmanpro36; C:\Windows\system32\drivers\hitmanpro36.sys [30496 2012-12-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 NETw5s64; system32\DRIVERS\NETw5s64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-02 11:21 - 2014-04-02 11:21 - 00019770 _____ () C:\Users\ike\Desktop\FRST.txt
2014-04-02 11:21 - 2014-04-02 11:21 - 00000000 ____D () C:\FRST
2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log
2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable
2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe
2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe
2014-04-02 11:12 - 2014-04-02 11:12 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt
2014-04-02 10:59 - 2014-04-02 10:59 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt
2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe
2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt
2014-04-02 10:15 - 2014-04-02 10:15 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe
2014-04-02 09:45 - 2014-04-02 09:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-02 09:45 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-02 09:45 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-02 09:45 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 12:17 - 2014-04-02 08:53 - 00091128 _____ () C:\Users\ike\Documents\TerminierungsTool1.xlsx
2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-24 12:09 - 2014-03-24 12:11 - 00049234 _____ () C:\Users\ike\Documents\BaugruppenNachBedarfsimport.xlsx
2014-03-19 18:42 - 2014-03-19 18:43 - 00000000 ____D () C:\Program Files (x86)\Hagemeyer
2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat
2014-03-12 19:25 - 2014-03-12 19:56 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung
2014-03-12 08:55 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 08:55 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 08:55 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 08:55 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 08:55 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 08:55 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 08:55 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 08:55 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 08:55 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 08:55 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 08:55 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 08:55 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 08:55 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 08:55 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 08:55 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 08:55 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 08:55 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 08:55 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 08:55 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 08:55 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 08:55 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 08:55 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 08:55 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 08:55 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 08:55 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 08:55 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 08:55 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 08:55 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 08:55 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 08:55 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 08:55 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 08:55 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 08:55 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 08:55 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 08:55 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 08:55 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 08:55 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 08:55 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 08:55 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 08:55 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 08:55 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 08:55 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 08:55 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 08:55 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 08:54 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 08:54 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 08:54 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 08:54 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-06 12:07 - 2014-03-28 10:15 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp
2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype
2014-03-03 15:00 - 2014-04-02 11:02 - 00000000 ____D () C:\AdwCleaner
2014-03-03 14:19 - 2014-03-03 14:19 - 01064488 _____ (BillP Studios) C:\Users\ikeAdmin\Downloads\wpsetup.exe
2014-03-03 14:02 - 2014-03-03 14:02 - 00000085 _____ () C:\Windows\wininit.ini
2014-03-03 12:07 - 2014-03-03 12:07 - 00000000 ____D () C:\Windows\ERUNT
2014-03-03 12:01 - 2014-04-02 10:22 - 01038974 _____ (Thisisu) C:\Users\ike\Desktop\JRT.exe
2014-03-03 10:39 - 2014-03-03 10:40 - 00074953 _____ () C:\Users\ike\Downloads\Addition.txt
2014-03-03 10:38 - 2014-03-03 10:40 - 00047705 _____ () C:\Users\ike\Downloads\FRST.txt
2014-03-03 10:38 - 2014-03-03 10:38 - 02156544 _____ (Farbar) C:\Users\ike\Downloads\FRST64.exe

==================== One Month Modified Files and Folders =======

2014-04-02 11:21 - 2014-04-02 11:21 - 00019770 _____ () C:\Users\ike\Desktop\FRST.txt
2014-04-02 11:21 - 2014-04-02 11:21 - 00000000 ____D () C:\FRST
2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log
2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable
2014-04-02 11:20 - 2011-12-22 23:48 - 00000000 ____D () C:\Users\ikeAdmin
2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe
2014-04-02 11:18 - 2013-02-25 15:52 - 00735986 _____ () C:\Windows\system32\perfh015.dat
2014-04-02 11:18 - 2013-02-25 15:52 - 00157504 _____ () C:\Windows\system32\perfc015.dat
2014-04-02 11:18 - 2011-12-22 23:47 - 02038210 _____ () C:\Windows\WindowsUpdate.log
2014-04-02 11:18 - 2011-06-02 08:18 - 00741084 _____ () C:\Windows\system32\perfh00A.dat
2014-04-02 11:18 - 2011-06-02 08:18 - 00160106 _____ () C:\Windows\system32\perfc00A.dat
2014-04-02 11:18 - 2011-06-02 08:14 - 00724646 _____ () C:\Windows\system32\prfh0816.dat
2014-04-02 11:18 - 2011-06-02 08:14 - 00154538 _____ () C:\Windows\system32\prfc0816.dat
2014-04-02 11:18 - 2011-06-02 08:09 - 00709508 _____ () C:\Windows\system32\prfh0416.dat
2014-04-02 11:18 - 2011-06-02 08:09 - 00149288 _____ () C:\Windows\system32\prfc0416.dat
2014-04-02 11:18 - 2011-06-02 08:05 - 00735674 _____ () C:\Windows\system32\perfh010.dat
2014-04-02 11:18 - 2011-06-02 08:05 - 00148478 _____ () C:\Windows\system32\perfc010.dat
2014-04-02 11:18 - 2011-06-02 08:01 - 00705108 _____ () C:\Windows\system32\perfh007.dat
2014-04-02 11:18 - 2011-06-02 08:01 - 00151476 _____ () C:\Windows\system32\perfc007.dat
2014-04-02 11:18 - 2011-06-02 07:57 - 00741344 _____ () C:\Windows\system32\perfh00C.dat
2014-04-02 11:18 - 2011-06-02 07:57 - 00151212 _____ () C:\Windows\system32\perfc00C.dat
2014-04-02 11:18 - 2011-06-02 07:53 - 00739126 _____ () C:\Windows\system32\perfh013.dat
2014-04-02 11:18 - 2011-06-02 07:53 - 00154734 _____ () C:\Windows\system32\perfc013.dat
2014-04-02 11:18 - 2009-07-14 07:13 - 07821810 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe
2014-04-02 11:16 - 2012-01-12 13:40 - 00000000 ____D () C:\Users\ike\AppData\Roaming\Skype
2014-04-02 11:15 - 2012-01-09 12:30 - 00000000 ____D () C:\Users\ike\AppData\Local\TSVNCache
2014-04-02 11:14 - 2013-12-17 08:55 - 00006384 _____ () C:\Windows\setupact.log
2014-04-02 11:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-02 11:13 - 2012-01-09 16:37 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Local\TSVNCache
2014-04-02 11:12 - 2014-04-02 11:12 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt
2014-04-02 11:05 - 2012-07-06 20:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-02 11:02 - 2014-03-03 15:00 - 00000000 ____D () C:\AdwCleaner
2014-04-02 11:01 - 2011-12-23 00:14 - 00123872 _____ () C:\Users\ikeAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-02 10:59 - 2014-04-02 10:59 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt
2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe
2014-04-02 10:56 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-02 10:56 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-02 10:49 - 2011-12-29 14:36 - 00123872 _____ () C:\Users\ike\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-02 10:48 - 2013-07-31 22:01 - 00102230 _____ () C:\Windows\PFRO.log
2014-04-02 10:48 - 2009-07-14 06:45 - 00508664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-02 10:41 - 2013-01-17 09:17 - 00000000 ____D () C:\Users\ike\AppData\Local\Deployment
2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt
2014-04-02 10:22 - 2014-03-03 12:01 - 01038974 _____ (Thisisu) C:\Users\ike\Desktop\JRT.exe
2014-04-02 10:15 - 2014-04-02 10:15 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe
2014-04-02 09:50 - 2014-04-02 09:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-02 09:45 - 2012-03-20 10:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-02 08:53 - 2014-03-31 12:17 - 00091128 _____ () C:\Users\ike\Documents\TerminierungsTool1.xlsx
2014-04-02 07:29 - 2012-01-12 16:57 - 00000000 ____D () C:\Users\ike\.VirtualBox
2014-04-01 22:18 - 2013-03-24 17:00 - 00000000 ____D () C:\Users\ike\AppData\Roaming\TV-Browser
2014-04-01 11:03 - 2014-02-13 08:43 - 00007218 _____ () C:\Users\ike\Documents\SnagitLog.dat
2014-03-31 15:41 - 2012-01-25 20:17 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-03-28 13:48 - 2012-11-23 14:57 - 00000039 _____ () C:\Windows\vbaddin.ini
2014-03-28 13:48 - 2011-12-23 01:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-28 10:15 - 2014-03-06 12:07 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp
2014-03-28 10:10 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-27 17:52 - 2012-01-18 17:02 - 00000600 _____ () C:\Users\ike\AppData\Roaming\winscp.rnd
2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-24 15:42 - 2012-05-02 13:42 - 00000000 ____D () C:\Users\ike\AppData\Local\CrashDumps
2014-03-24 12:11 - 2014-03-24 12:09 - 00049234 _____ () C:\Users\ike\Documents\BaugruppenNachBedarfsimport.xlsx
2014-03-24 08:36 - 2012-11-23 08:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-23 15:11 - 2014-02-15 19:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-20 08:50 - 2011-04-12 10:28 - 00000000 ____D () C:\Windows\ShellNew
2014-03-20 08:48 - 2009-07-14 04:34 - 00000510 _____ () C:\Windows\win.ini
2014-03-19 18:43 - 2014-03-19 18:42 - 00000000 ____D () C:\Program Files (x86)\Hagemeyer
2014-03-19 08:51 - 2013-12-20 09:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-18 09:03 - 2013-07-23 21:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 09:01 - 2011-12-23 00:27 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat
2014-03-12 20:25 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 20:00 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 19:56 - 2014-03-12 19:25 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung
2014-03-11 21:05 - 2012-04-10 11:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 21:05 - 2011-12-23 14:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 08:54 - 2011-12-23 00:07 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-03-10 08:53 - 2011-12-23 22:58 - 00000000 ____D () C:\ProgramData\Lenovo
2014-03-10 08:52 - 2012-01-13 12:18 - 00123872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-03-10 08:52 - 2012-01-13 12:18 - 00000000 ____D () C:\Users\ike\AppData\Local\Lenovo
2014-03-07 19:47 - 2012-02-06 15:16 - 00000767 _____ () C:\Windows\wiso.ini
2014-03-05 09:26 - 2014-04-02 09:45 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-04-02 09:45 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-04-02 09:45 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype
2014-03-05 09:10 - 2012-01-12 13:40 - 00000000 ____D () C:\ProgramData\Skype
2014-03-03 20:28 - 2012-01-23 14:42 - 00000000 ____D () C:\Users\ikeAdmin\Documents\Visual Studio 2010
2014-03-03 15:06 - 2012-01-23 18:07 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Roaming\Skype
2014-03-03 14:27 - 2012-05-18 10:38 - 00000136 _____ () C:\Users\ikeAdmin\Desktop\Neues Textdokument.txt
2014-03-03 14:22 - 2013-08-01 11:41 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-03 14:19 - 2014-03-03 14:19 - 01064488 _____ (BillP Studios) C:\Users\ikeAdmin\Downloads\wpsetup.exe
2014-03-03 14:14 - 2013-07-24 09:04 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-03-03 14:08 - 2013-08-03 15:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-03 14:02 - 2014-03-03 14:02 - 00000085 _____ () C:\Windows\wininit.ini
2014-03-03 14:00 - 2013-09-13 11:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 13:59 - 2012-10-29 12:44 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-03 13:59 - 2012-10-29 12:44 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-03 13:59 - 2012-01-17 11:41 - 00000000 ____D () C:\Windows\Minidump
2014-03-03 12:43 - 2011-12-29 14:09 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Roaming\Buhl Data Service GmbH
2014-03-03 12:07 - 2014-03-03 12:07 - 00000000 ____D () C:\Windows\ERUNT
2014-03-03 10:40 - 2014-03-03 10:39 - 00074953 _____ () C:\Users\ike\Downloads\Addition.txt
2014-03-03 10:40 - 2014-03-03 10:38 - 00047705 _____ () C:\Users\ike\Downloads\FRST.txt
2014-03-03 10:38 - 2014-03-03 10:38 - 02156544 _____ (Farbar) C:\Users\ike\Downloads\FRST64.exe

Some content of TEMP:
====================
C:\Users\ike\AppData\Local\Temp\80C33D6E6AC507355C1C02C567CBC38B_HeimdalSetup.exe
C:\Users\ike\AppData\Local\Temp\avgnt.exe
C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.dll
C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.exe
C:\Users\ike\AppData\Local\Temp\proxy_util_w32.dll
C:\Users\ike\AppData\Local\Temp\unrar.dll
C:\Users\ikeAdmin\AppData\Local\Temp\avgnt.exe
C:\Users\ikeAdmin\AppData\Local\Temp\tmp69B3.exe
C:\Users\ikeAdmin\AppData\Local\Temp\unrar.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
         
Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by ike at 2014-04-02 11:21:39
Running from C:\Users\ike\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Add-in Express for Microsoft Office and .NET, Standard (HKLM-x32\...\{CB3CB52F-6F12-42FD-A840-4C55EC2CA0B8}) (Version: 7.1.4050 - Add-in Express Ltd)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.831.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{35A50BE1-FDD7-4FC7-CCE5-03D2A63D4CF4}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
AnkhSVN 2.4.11610.27 (HKLM-x32\...\{1B6B2817-89AF-4947-A768-0766D7906BCB}) (Version: 2.4.11610.27 - AnkhSVN Team)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.71.00 - )
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.792.5-110424b-119200C-Lenovo - ATI Technologies, Inc.)
AuthenTec TrueSuite (HKLM\...\{E6C44758-FF49-47D1-8182-65E3818ACE23}) (Version: 2.0.0.57 - AuthenTec, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2011.0424.2249.39080 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0424.2249.39080 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help English (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help French (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help German (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0424.2249.39080 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2011.0424.2249.39080 - ATI) Hidden
Common Desktop Agent (Version: 1.53.0 - OEM) Hidden
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.12.0 - Conexant)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
Custom UI Editor for Microsoft Office (HKLM-x32\...\{C644FAAE-42FD-4FEC-B170-AB40B128B9AF}) (Version: 3.14.1592 - Microsoft Corporation)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.7 - REINER SCT)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
Deutsche Post E-Porto (HKLM-x32\...\{A51F5414-4A2B-45A0-8EF2-B4D29CFBCAE7}) (Version: 2.3.0 - Deutsche Post AG)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct Printing Utility (HKLM-x32\...\Direct Printing Utility) (Version: 1.02.06:03 - Samsung Electronics Co., Ltd.)
docUtilities (HKLM-x32\...\{3F4C4A23-73DA-4088-A28B-674AF855C5EE}) (Version: 1.4.12 - nutzware)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator Software Services - Community Edition - DEU (HKLM-x32\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.63.1 - Lenovo Group Limited)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{47AA145C-1698-4C76-A15B-23730399A423}) (Version: 11.1.21009.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
Excel VBA Code Cleaner 5.0 (HKLM-x32\...\Excel VBA Code Cleaner 5.0) (Version:  - )
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2736182) (HKLM-x32\...\{A1F50E06-E514-393D-AAEB-2F989F0B7C68}.KB2736182) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2890573) (HKLM-x32\...\{A1F50E06-E514-393D-AAEB-2F989F0B7C68}.KB2890573) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2529927) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2529927) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2548139) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2548139) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2549864) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2549864) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2635973) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2736182) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2736182) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2890573) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2890573) (Version: 1 - Microsoft Corporation)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel PROSet Wireless (Version:  - ) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel(R) Network Connections 17.4.95.0 (HKLM\...\PROSetDX) (Version: 17.4.95.0 - Intel)
Intel(R) Network Connections 17.4.95.0 (Version: 17.4.95.0 - Intel) Hidden
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Klok 2 (HKLM-x32\...\Klok2.DD7F2188B985C2439837C76B42A187050457E61B.1) (Version: 2.5.9 - Mcgraphix, Inc.)
Klok 2 (x32 Version: 2.5.9 - Mcgraphix, Inc.) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.27 - AuthenTec, Inc.)
Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Solution Center (HKLM\...\{D60E3A84-5DDC-49ED-B9A5-E3466996EB36}) (Version: 2.3.002.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update - DEU (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - DEU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime - DEU (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools - DEU (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - DEU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime - DEU (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20715.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for Silverlight 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 v3.0 Core (x32 Version: 11.0.60308 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - DEU (x32 Version: 11.0.60308 - Microsoft Corporation) Hidden
Microsoft LightSwitch für Visual Studio 2012 CoreRes - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Lync 2010 Attendee (HKLM-x32\...\{44228375-A198-489B-B90F-F88A1A78D5F5}) (Version: 4.0.7577.4415 - Microsoft Corporation)
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2010 Code Compatibility Inspector Update 1 (HKLM-x32\...\{715D5ADB-4054-44FA-A2D8-8B7082E10A42}) (Version: 2.2.1 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional 2013 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.60130.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Power Query for Excel (HKLM-x32\...\{1BCE483C-D8D3-451C-9FB8-3CD9F57E385B}) (Version: 1.5.3296.2082 - Microsoft Corporation)
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On für Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{803910CC-3A39-45E3-A594-0D5512A60A86}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{5ADA62BD-2FC0-4ECE-93AA-C933E69B2AB5}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst (HKLM-x32\...\{BB1E119E-CF4B-4183-910E-A8C2B379F2C6}) (Version: 10.50.1752.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{919E5477-D20B-4F64-AE8B-8199469F7817}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt (HKLM-x32\...\{103A5E44-DD5B-46D5-AD1E-9DF2260CA023}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{0D432429-C79C-462D-ABD8-4D82B83A954B}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 32bit Compilers - DEU Resources (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - DEU Resources (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Professional - DEU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools für SQL Server Compact 4.0 SP1 DEU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012-Leistungserfassungstools - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012-Leistungserfassungstools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012-Vorbereitung (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{66efbe1c-fcf5-4623-93f6-1ae2445aff93}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU (Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 - deu (x32 Version: 1.2.40308.0 - Microsoft Corporation) Hidden
Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 (x32 Version: 1.2.40308.0 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
MZ-Tools 3.0 für VBA (HKLM-x32\...\{2B69AD59-FA30-47fc-B950-FA27E7D16A73}_is1) (Version:  - MZTools Software)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Oracle VM VirtualBox 4.3.6 (HKLM\...\{DC65DFD8-E175-4A85-948A-42965853B2E8}) (Version: 4.3.6 - Oracle Corporation)
PDF Creator Pilot 4.3 x64 Edition (HKLM\...\{467D4F46-B75D-4E9F-B710-D933D687B9BD}) (Version: 4.3 - Two Pilots)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.0 - Tracker Software Products Ltd)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
RICOH R5U8xx Media Driver ver.3.64.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.00.70.00 - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.1.0 - Samsung Electronics)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.22.00 - Samsung Electronics Co., Ltd.)
Samsung SCX-483x 5x3x Series (HKLM-x32\...\Samsung SCX-483x 5x3x Series) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Scribble Papers 2.6.1 (HKLM-x32\...\Scribble Papers_is1) (Version:  - Jens Hoetger)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Sicherheitsupdate für Microsoft Visual Studio 2010 Professional - DEU (KB2645410) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2645410) (Version: 1 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Snagit 11 (HKLM-x32\...\{D0CC22F6-A67A-4083-A043-E0640CB7A4DF}) (Version: 11.2.1 - TechSmith Corporation)
soapUI 4.5.1 4.5.1 (HKLM-x32\...\5517-2803-0637-4585) (Version: 4.5.1 - SmartBear Software)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.9 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.10 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.11 - Lenovo)
tools-linux (x32 Version: 9.2.0.812388 - VMware, Inc.) Hidden
TortoiseSVN 1.7.13.24257 (64 bit) (HKLM\...\{4560A53B-3BB7-4B72-829E-5BDE5803DC11}) (Version: 1.7.24257 - TortoiseSVN)
TV-Browser 3.3.1 (HKLM-x32\...\tvbrowser) (Version: 3.3.1 - TV-Browser Team)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.VISIOR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 Prerequisites - DEU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Update 2 (KB2707250) (HKLM-x32\...\{2fba7dd0-b8eb-4185-aea3-e6910d3f8102}) (Version: 11.0.60315 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9201.20602 - Microsoft Corporation) Hidden
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows App Certification Kit Native Components (Version: 8.59.29736 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.29750 - Microsoft Corporation) Hidden
Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012 (x32 Version: 1.8.60301.1601 - Microsoft) Hidden
Windows Azure Tools für LightSwitch HTML Client für Visual Studio 2012 (DEU) (x32 Version: 1.8.60301.1601 - Microsoft) Hidden
Windows Runtime Intellisense Content - de-de (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric  (01/14/2010 8.6.0.13) (HKLM\...\0481B164C8D1D26C560D6A5E717C5920D4362D60) (Version: 01/14/2010 8.6.0.13 - AuthenTec Inc.)
WinSCP 5.2.7 RC (HKLM-x32\...\winscp3_is1) (Version: 5.2.7 RC - Martin Prikryl)
WISO Mein Geld 2014 Professional (HKLM-x32\...\WISO Mein Geld 2014 Professional) (Version:  - Buhl Data Service GmbH)
WISO Mein Geld 2014 Professional (x32 Version: 16.0.1.0 - Buhl Data Service GmbH) Hidden
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{CE7A4070-BF51-4E01-97E7-4D8E8A3E90C1}) (Version: 21.01.8499 - Buhl Data Service GmbH)
Word 2007 Content Control Toolkit (HKLM-x32\...\{EFCDC354-00BA-4D01-A6AF-AF3311DA9F44}) (Version: 1.3.0 - Microsoft)
Wuala (HKCU\...\Wuala) (Version: 1.0.380.0 - LaCie)
Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Zeta Resource Editor 2.2.0.27 (nur entfernen) (HKLM-x32\...\ZetaResourceEditor) (Version: 2.2.0.27 - Zeta Software GmbH)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-01-30 11:44 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2013-06-01 10:00 - 2013-06-01 10:00 - 00088848 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2012-01-09 09:25 - 2013-09-03 06:03 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2011-03-14 15:21 - 2011-03-14 15:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-24 23:48 - 2011-04-24 23:48 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\00619851.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\00619851.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: LENOVO.CAMMUTE => 2
MSCONFIG\Services: LENOVO.MICMUTE => 2
MSCONFIG\Services: LENOVO.TPKNRSVC => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: FingerPrintSoftware => "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
MSCONFIG\startupreg: FingerPrintSoftwareSplashScreen => "C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe" \s
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/02/2014 11:14:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/02/2014 11:13:29 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen Status gemeldet: 0


Microsoft Office Sessions:
=========================
Error: (04/02/2014 11:14:24 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-03-03 12:52:25.947
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 12:43:57.472
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 11:43:02.699
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 11:14:58.410
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 11:05:26.793
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 11:00:04.740
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 09:24:44.099
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 09:10:29.750
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 08:56:18.710
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-02 11:51:41.385
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 30%
Total physical RAM: 8086.02 MB
Available physical RAM: 5595.7 MB
Total Pagefile: 8184.2 MB
Available Pagefile: 5550.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.36 GB) (Free:33.47 GB) NTFS
Drive d: (home) (Network) (Total:1829.34 GB) (Free:1393.11 GB) NTFS
Drive t: (Temporäres) (Network) (Total:1829.34 GB) (Free:1393.11 GB) NTFS
Drive w: (Wuala) (Network) (Total:5 GB) (Free:3.77 GB) FAT32

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         
Gmer.txt
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-02 11:37:10
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.CXM0 238,47GB
Running: Gmer-19357.exe; Driver: C:\Users\ikeAdmin\AppData\Local\Temp\fxlirpow.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[2100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69     0000000076231465 2 bytes [23, 76]
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[2100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155    00000000762314bb 2 bytes [23, 76]
.text  ...                                                                                                                                * 2
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe[2156] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69           0000000076231465 2 bytes [23, 76]
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe[2156] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155          00000000762314bb 2 bytes [23, 76]
.text  ...                                                                                                                                * 2
.text  C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[2992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000076231465 2 bytes [23, 76]
.text  C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[2992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000762314bb 2 bytes [23, 76]
.text  ...                                                                                                                                * 2
.text  C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2500] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69     0000000076231465 2 bytes [23, 76]
.text  C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2500] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155    00000000762314bb 2 bytes [23, 76]
.text  ...                                                                                                                                * 2
.text  C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[3076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69            0000000076231465 2 bytes [23, 76]
.text  C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[3076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155           00000000762314bb 2 bytes [23, 76]
.text  ...                                                                                                                                * 2
.text  C:\Program Files (x86)\Skype\Phone\Skype.exe[4748] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                         0000000076231465 2 bytes [23, 76]
.text  C:\Program Files (x86)\Skype\Phone\Skype.exe[4748] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                        00000000762314bb 2 bytes [23, 76]
.text  ...                                                                                                                                * 2
.text  C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4700] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint         0000000077b9000c 1 byte [C3]
.text  C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4700] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin    0000000077c1f8ea 5 bytes JMP 0000000177bcd5c1
.text  C:\Users\ike\AppData\Roaming\Wuala\Wuala.exe[5512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                         0000000076231465 2 bytes [23, 76]
.text  C:\Users\ike\AppData\Roaming\Wuala\Wuala.exe[5512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                        00000000762314bb 2 bytes [23, 76]
.text  ...                                                                                                                                * 2
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[6096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69      0000000076231465 2 bytes [23, 76]
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[6096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155     00000000762314bb 2 bytes [23, 76]
.text  ...                                                                                                                                * 2
.text  C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE[5764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69               0000000076231465 2 bytes [23, 76]
.text  C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE[5764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155              00000000762314bb 2 bytes [23, 76]
.text  ...                                                                                                                                * 2
.text  C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe[4476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69              0000000076231465 2 bytes [23, 76]
.text  C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe[4476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155             00000000762314bb 2 bytes [23, 76]
.text  ...                                                                                                                                * 2

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00234df53ff6                                                        
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00234df53ff6 (not active ControlSet)                                    

---- EOF - GMER 2.1 ----
         
mbam.txt
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 02.04.2014
Suchlauf-Zeit: 12:08:14
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.0.1000
Malware Datenbank: v2014.04.02.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ike

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 280527
Verstrichene Zeit: 8 Min, 52 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Alt 02.04.2014, 13:26   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Zitat:
Administrator: Nein
Ran by ike (ATTENTION: The logged in user is not administrator)
MBAM und FRST musst du nochmal machen, aber bitte mit Adminrechten. Ohne Adminrechte hat man keine Chance.

Zudem hab ich den Eindruck, dass du da an einem Büro-Computer sitzt?
Wenn nicht, dann erklär bitte kurz warum ein Ultimate Windows, SQL-Server, Crytal Reports, Visual Studio et. pp.
__________________

__________________

Alt 02.04.2014, 13:49   #3
ikeike
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Vielen Dank erstmal für die Rückmeldung!

Ich bin freiberuflich als VBA-Entwicklerin tätig - daher die Programme.
Ich hatte eure Richtlinien (http://www.trojaner-board.de/108422-...-anfragen.html) so verstanden, dass ihr Einzelkämpfer trotzdem unterstützt. Wenn nicht, dann sag Bescheid.

Sorry wg. der Log-files.
Aber unter http://www.trojaner-board.de/69886-a...-beachten.html fehlt dann der Hinweis, dass man FRST als Admin starten soll.


FRST.log

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by ikeAdmin (administrator) on SIXTYFIVE on 02-04-2014 14:32:40
Running from C:\Users\ike\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

() C:\Windows\system32\DTS.exe
(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(AuthenTec, Inc.) C:\Windows\system32\ATService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Zoom\TpScrex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LaCie) C:\Users\ike\AppData\Roaming\Wuala\Wuala.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\windows\system32\spool\drivers\x64\3\ssn2mpi.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [X]
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [picon] - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63784 2013-08-20] (Lenovo)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM-x32\...\Run: [PWMTRV] - rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-04-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {3071cdf2-3215-11e1-b819-001c259f26f4} - D:\Autorun\ShelExec.exe default.htm
HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {6bc48649-2ce5-11e1-8cfa-806e6f6e6963} - D:\SETUP.EXE
HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {ed1c6d4f-45ac-11e1-840b-005056c00008} - H:\autorun.exe
HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [MyPhoneExplorer] - C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe [5127896 2013-09-02] (F.J. Wechselberger)
HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\MountPoints2: {6bc48649-2ce5-11e1-8cfa-806e6f6e6963} - D:\SETUP.EXE
HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\MountPoints2: {ed1c6d4f-45ac-11e1-840b-005056c00008} - H:\SETUP.EXE
Lsa: [Notification Packages] scecli ACGina
Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk
ShortcutTarget: Wuala.lnk -> C:\Users\ikeAdmin\AppData\Roaming\Wuala\Wuala.exe (No File)
Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF51451D0F4C0CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://eu.secure.linde.com/,DSID=b4ac6b3a41ce43e43b63515bdec8448d,DanaInfo=mlgmuc00mail042.linde.lds.grp,ST=1+/dwa85W.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://secure.linde.com/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3B1EB929-7EFA-4E22-80FE-A29410C5D992}: [NameServer]192.168.1.248

FireFox:
========
FF ProfilePath: C:\Users\ikeAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\phz8zmin.default-1389100139951
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

==================== Services (Whitelisted) =================

S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2010-02-05] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 ATService; C:\Windows\system32\ATService.exe [2713920 2010-02-05] (AuthenTec, Inc.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [515632 2013-05-21] (REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-09-03] (Lenovo.)
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2010-02-05] ()
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] ()
S3 hitmanpro36; C:\Windows\system32\drivers\hitmanpro36.sys [30496 2012-12-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 NETw5s64; system32\DRIVERS\NETw5s64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-02 12:33 - 2014-04-02 12:33 - 00879028 _____ () C:\Users\ike\Documents\Terminierungstool.xlsm
2014-04-02 11:37 - 2014-04-02 11:37 - 00005909 _____ () C:\Users\ike\Desktop\gmer.log
2014-04-02 11:21 - 2014-04-02 14:32 - 00019980 _____ () C:\Users\ike\Desktop\FRST.txt
2014-04-02 11:21 - 2014-04-02 14:32 - 00000000 ____D () C:\FRST
2014-04-02 11:21 - 2014-04-02 11:21 - 00060304 _____ () C:\Users\ike\Desktop\Addition.txt
2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log
2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable
2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe
2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe
2014-04-02 11:12 - 2014-04-02 11:12 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt
2014-04-02 10:59 - 2014-04-02 12:08 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt
2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe
2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt
2014-04-02 10:15 - 2014-04-02 10:15 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe
2014-04-02 09:45 - 2014-04-02 09:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-02 09:45 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-02 09:45 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-02 09:45 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 12:17 - 2014-04-02 08:53 - 00091128 _____ () C:\Users\ike\Documents\xxxxx.xlsx
2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-24 12:09 - 2014-03-24 12:11 - 00049234 _____ () C:\Users\ike\Documents\xxxxx.xlsx
2014-03-19 18:42 - 2014-03-19 18:43 - 00000000 ____D () C:\Program Files (x86)\xxxxx
2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat
2014-03-12 19:25 - 2014-03-12 19:56 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung
2014-03-12 08:55 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 08:55 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 08:55 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 08:55 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 08:55 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 08:55 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 08:55 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 08:55 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 08:55 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 08:55 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 08:55 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 08:55 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 08:55 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 08:55 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 08:55 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 08:55 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 08:55 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 08:55 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 08:55 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 08:55 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 08:55 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 08:55 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 08:55 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 08:55 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 08:55 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 08:55 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 08:55 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 08:55 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 08:55 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 08:55 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 08:55 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 08:55 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 08:55 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 08:55 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 08:55 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 08:55 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 08:55 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 08:55 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 08:55 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 08:55 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 08:55 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 08:55 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 08:55 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 08:55 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 08:54 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 08:54 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 08:54 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 08:54 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-06 12:07 - 2014-04-02 13:17 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp
2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype
2014-03-03 15:00 - 2014-04-02 11:02 - 00000000 ____D () C:\AdwCleaner
2014-03-03 14:19 - 2014-03-03 14:19 - 01064488 _____ (BillP Studios) C:\Users\ikeAdmin\Downloads\wpsetup.exe
2014-03-03 14:02 - 2014-03-03 14:02 - 00000085 _____ () C:\Windows\wininit.ini
2014-03-03 12:07 - 2014-03-03 12:07 - 00000000 ____D () C:\Windows\ERUNT
2014-03-03 12:01 - 2014-04-02 10:22 - 01038974 _____ (Thisisu) C:\Users\ike\Desktop\JRT.exe
2014-03-03 10:39 - 2014-03-03 10:40 - 00074953 _____ () C:\Users\ike\Downloads\Addition.txt
2014-03-03 10:38 - 2014-03-03 10:40 - 00047705 _____ () C:\Users\ike\Downloads\FRST.txt
2014-03-03 10:38 - 2014-03-03 10:38 - 02156544 _____ (Farbar) C:\Users\ike\Downloads\FRST64.exe

==================== One Month Modified Files and Folders =======

2014-04-02 14:32 - 2014-04-02 11:21 - 00019980 _____ () C:\Users\ike\Desktop\FRST.txt
2014-04-02 14:32 - 2014-04-02 11:21 - 00000000 ____D () C:\FRST
2014-04-02 14:28 - 2012-01-12 13:40 - 00000000 ____D () C:\Users\ike\AppData\Roaming\Skype
2014-04-02 14:13 - 2012-01-25 20:17 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-04-02 14:09 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-02 14:09 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-02 14:05 - 2012-07-06 20:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-02 13:17 - 2014-03-06 12:07 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp
2014-04-02 12:59 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-02 12:33 - 2014-04-02 12:33 - 00879028 _____ () C:\Users\ike\Documents\xxxx.xlsm
2014-04-02 12:31 - 2012-01-12 16:57 - 00000000 ____D () C:\Users\ike\.VirtualBox
2014-04-02 12:08 - 2014-04-02 10:59 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt
2014-04-02 11:46 - 2013-02-25 15:52 - 00735986 _____ () C:\Windows\system32\perfh015.dat
2014-04-02 11:46 - 2013-02-25 15:52 - 00157504 _____ () C:\Windows\system32\perfc015.dat
2014-04-02 11:46 - 2011-06-02 08:18 - 00741084 _____ () C:\Windows\system32\perfh00A.dat
2014-04-02 11:46 - 2011-06-02 08:18 - 00160106 _____ () C:\Windows\system32\perfc00A.dat
2014-04-02 11:46 - 2011-06-02 08:14 - 00724646 _____ () C:\Windows\system32\prfh0816.dat
2014-04-02 11:46 - 2011-06-02 08:14 - 00154538 _____ () C:\Windows\system32\prfc0816.dat
2014-04-02 11:46 - 2011-06-02 08:09 - 00709508 _____ () C:\Windows\system32\prfh0416.dat
2014-04-02 11:46 - 2011-06-02 08:09 - 00149288 _____ () C:\Windows\system32\prfc0416.dat
2014-04-02 11:46 - 2011-06-02 08:05 - 00735674 _____ () C:\Windows\system32\perfh010.dat
2014-04-02 11:46 - 2011-06-02 08:05 - 00148478 _____ () C:\Windows\system32\perfc010.dat
2014-04-02 11:46 - 2011-06-02 08:01 - 00705108 _____ () C:\Windows\system32\perfh007.dat
2014-04-02 11:46 - 2011-06-02 08:01 - 00151476 _____ () C:\Windows\system32\perfc007.dat
2014-04-02 11:46 - 2011-06-02 07:57 - 00741344 _____ () C:\Windows\system32\perfh00C.dat
2014-04-02 11:46 - 2011-06-02 07:57 - 00151212 _____ () C:\Windows\system32\perfc00C.dat
2014-04-02 11:46 - 2011-06-02 07:53 - 00739126 _____ () C:\Windows\system32\perfh013.dat
2014-04-02 11:46 - 2011-06-02 07:53 - 00154734 _____ () C:\Windows\system32\perfc013.dat
2014-04-02 11:46 - 2009-07-14 07:13 - 07821810 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-02 11:43 - 2011-12-22 23:47 - 02048427 _____ () C:\Windows\WindowsUpdate.log
2014-04-02 11:40 - 2012-01-09 12:30 - 00000000 ____D () C:\Users\ike\AppData\Local\TSVNCache
2014-04-02 11:39 - 2013-12-17 08:55 - 00006496 _____ () C:\Windows\setupact.log
2014-04-02 11:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-02 11:38 - 2012-01-09 16:37 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Local\TSVNCache
2014-04-02 11:37 - 2014-04-02 11:37 - 00005909 _____ () C:\Users\ike\Desktop\gmer.log
2014-04-02 11:28 - 2012-01-17 11:41 - 00000000 ____D () C:\Windows\Minidump
2014-04-02 11:28 - 2011-12-22 23:39 - 00320793 ____N () C:\Windows\Minidump\040214-15615-01.dmp
2014-04-02 11:21 - 2014-04-02 11:21 - 00060304 _____ () C:\Users\ike\Desktop\Addition.txt
2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log
2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable
2014-04-02 11:20 - 2011-12-22 23:48 - 00000000 ____D () C:\Users\ikeAdmin
2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe
2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe
2014-04-02 11:12 - 2014-04-02 11:12 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt
2014-04-02 11:02 - 2014-03-03 15:00 - 00000000 ____D () C:\AdwCleaner
2014-04-02 11:01 - 2011-12-23 00:14 - 00123872 _____ () C:\Users\ikeAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe
2014-04-02 10:49 - 2011-12-29 14:36 - 00123872 _____ () C:\Users\ike\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-02 10:48 - 2013-07-31 22:01 - 00102230 _____ () C:\Windows\PFRO.log
2014-04-02 10:48 - 2009-07-14 06:45 - 00508664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-02 10:41 - 2013-01-17 09:17 - 00000000 ____D () C:\Users\ike\AppData\Local\Deployment
2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt
2014-04-02 10:22 - 2014-03-03 12:01 - 01038974 _____ (Thisisu) C:\Users\ike\Desktop\JRT.exe
2014-04-02 10:15 - 2014-04-02 10:15 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe
2014-04-02 09:50 - 2014-04-02 09:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-02 09:45 - 2012-03-20 10:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-02 08:53 - 2014-03-31 12:17 - 00091128 _____ () C:\Users\ike\Documents\xxxx.xlsx
2014-04-01 22:18 - 2013-03-24 17:00 - 00000000 ____D () C:\Users\ike\AppData\Roaming\TV-Browser
2014-04-01 21:07 - 2014-01-17 18:37 - 00005134 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SIXTYFIVE-ike sixtyfive
2014-04-01 11:03 - 2014-02-13 08:43 - 00007218 _____ () C:\Users\ike\Documents\SnagitLog.dat
2014-03-28 13:48 - 2012-11-23 14:57 - 00000039 _____ () C:\Windows\vbaddin.ini
2014-03-28 13:48 - 2011-12-23 01:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-27 17:52 - 2012-01-18 17:02 - 00000600 _____ () C:\Users\ike\AppData\Roaming\winscp.rnd
2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-24 15:42 - 2012-05-02 13:42 - 00000000 ____D () C:\Users\ike\AppData\Local\CrashDumps
2014-03-24 12:11 - 2014-03-24 12:09 - 00049234 _____ () C:\Users\ike\Documents\xxxx.xlsx
2014-03-24 08:36 - 2012-11-23 08:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-23 15:11 - 2014-02-15 19:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-20 08:50 - 2011-04-12 10:28 - 00000000 ____D () C:\Windows\ShellNew
2014-03-20 08:48 - 2009-07-14 04:34 - 00000510 _____ () C:\Windows\win.ini
2014-03-19 18:43 - 2014-03-19 18:42 - 00000000 ____D () C:\Program Files (x86)\Hagemeyer
2014-03-19 08:51 - 2013-12-20 09:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-18 09:03 - 2013-07-23 21:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 09:01 - 2011-12-23 00:27 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat
2014-03-12 20:25 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 20:00 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 19:56 - 2014-03-12 19:25 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung
2014-03-11 21:05 - 2012-07-06 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 21:05 - 2012-04-10 11:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 21:05 - 2011-12-23 14:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 08:54 - 2011-12-23 00:07 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-03-10 08:53 - 2012-11-05 14:03 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
2014-03-10 08:53 - 2011-12-23 22:58 - 00000000 ____D () C:\ProgramData\Lenovo
2014-03-10 08:52 - 2012-01-13 12:18 - 00123872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-03-10 08:52 - 2012-01-13 12:18 - 00000000 ____D () C:\Users\ike\AppData\Local\Lenovo
2014-03-07 19:47 - 2012-02-06 15:16 - 00000767 _____ () C:\Windows\wiso.ini
2014-03-05 09:26 - 2014-04-02 09:45 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-04-02 09:45 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-04-02 09:45 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype
2014-03-05 09:10 - 2012-01-12 13:40 - 00000000 ____D () C:\ProgramData\Skype
2014-03-03 20:28 - 2012-01-23 14:42 - 00000000 ____D () C:\Users\ikeAdmin\Documents\Visual Studio 2010
2014-03-03 15:06 - 2012-01-23 18:07 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Roaming\Skype
2014-03-03 14:27 - 2012-05-18 10:38 - 00000136 _____ () C:\Users\ikeAdmin\Desktop\Neues Textdokument.txt
2014-03-03 14:22 - 2013-08-01 11:41 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-03 14:19 - 2014-03-03 14:19 - 01064488 _____ (BillP Studios) C:\Users\ikeAdmin\Downloads\wpsetup.exe
2014-03-03 14:14 - 2013-07-24 09:04 - 00000000 ____D () C:\Program Files (x86)\Heimdal
2014-03-03 14:10 - 2013-08-03 15:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-03 14:08 - 2013-08-03 15:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-03 14:02 - 2014-03-03 14:02 - 00000085 _____ () C:\Windows\wininit.ini
2014-03-03 14:00 - 2013-09-13 11:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 13:59 - 2012-10-29 12:44 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-03 13:59 - 2012-10-29 12:44 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-03 13:58 - 2011-12-22 23:39 - 00322209 ____N () C:\Windows\Minidump\030314-19500-01.dmp
2014-03-03 12:52 - 2012-10-29 12:44 - 00003870 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-03 12:50 - 2012-10-29 12:44 - 00004122 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-03 12:43 - 2011-12-29 14:09 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Roaming\Buhl Data Service GmbH
2014-03-03 12:07 - 2014-03-03 12:07 - 00000000 ____D () C:\Windows\ERUNT
2014-03-03 10:40 - 2014-03-03 10:39 - 00074953 _____ () C:\Users\ike\Downloads\Addition.txt
2014-03-03 10:40 - 2014-03-03 10:38 - 00047705 _____ () C:\Users\ike\Downloads\FRST.txt
2014-03-03 10:38 - 2014-03-03 10:38 - 02156544 _____ (Farbar) C:\Users\ike\Downloads\FRST64.exe

Some content of TEMP:
====================
C:\Users\ike\AppData\Local\Temp\80C33D6E6AC507355C1C02C567CBC38B_HeimdalSetup.exe
C:\Users\ike\AppData\Local\Temp\avgnt.exe
C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.dll
C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.exe
C:\Users\ike\AppData\Local\Temp\proxy_util_w32.dll
C:\Users\ike\AppData\Local\Temp\unrar.dll
C:\Users\ikeAdmin\AppData\Local\Temp\avgnt.exe
C:\Users\ikeAdmin\AppData\Local\Temp\tmp69B3.exe
C:\Users\ikeAdmin\AppData\Local\Temp\unrar.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-31 17:06

==================== End Of Log ============================
         
--- --- ---



mbam - als Administrator ausgeführt! - trotzdem steht "Administrator: nein" :-/


Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 02.04.2014
Suchlauf-Zeit: 14:44:21
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.0.1000
Malware Datenbank: v2014.04.02.04
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ike

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 280474
Verstrichene Zeit: 7 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
__________________

Alt 02.04.2014, 14:26   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Zitat:
dass ihr Einzelkämpfer trotzdem unterstützt. Wenn nicht, dann sag Bescheid.
Sicher tun wir das, wir weisen aber auch immer auf die Gefahr hin, dass in den Logs sensbile Daten stehen, nur weil keiner von den "Business-Hilfesuchenden" davon Notiz nehmen

Also das hier meine ich:

Zitat:
Bedenkt jedoch, dass Logfiles viele heikle Informationen enthalten können (Kundendaten, Bankdaten, etc.) sowie das Malware genauso wie unsere Scanner die Möglichkeit besitzt, diese auszuspähen und zu missbrauchen. Hier legen wir euch ein Formatieren und Neuaufsetzen nahe. Hier gilt insbesondere, dass wir im Nachhinein keine Logfiles löschen werden, egal wie sehr "euer Chef das auch will".
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 02.04.2014, 14:44   #5
ikeike
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Passt - hab ich gelesen - und Dateinamen, die mit Kunden zu tun haben ausgeXt.


Alt 02.04.2014, 15:28   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Dann ist ja gut. Allerdings warst du bei MBAM immer noch kein Admin. Kein Problem, wir machen später eh nochmal MBAM, denk aber dann an die Adminrechte.

Ist jemals ein Viren-/Malwarescanner fündig geworden? Oder hattest du noch nie Schädlingsbefall? Wenn doch bitte alle Logs mit Funden posten
__________________
--> Windows 7: Proxy angeblich auf localhost:21320

Alt 03.04.2014, 07:01   #7
ikeike
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



"Ausführen als Admin" hat bei mbam nicht gereicht.
Hab mich jetzt mit meinem Admin-Account angemeldet - und jetzt sieht es besser aus - naja - besser ist relativ.

Außerdem hab ich tatsächlich noch ein logfile von letztem Jahr gefunden - damals wurde einiges entdeckt.
Hab mich damals auch bei euch durchgewühlt - und threads zu OpenCandy gefunden ...


mbam - 2014-04-03
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.04.2014
Suchlauf-Zeit: 07:59:48
Logdatei: mbam-log-2014-04-03 (07-58).txt
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.04.03.01
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ikeAdmin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 350503
Verstrichene Zeit: 21 Min, 24 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 1
Malware.Trace, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWCPL|1, @biocpl.dll,-1, , [d32d33cdc83803fd409b93488181c838]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         


mbam - 2013-09-13
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.13.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
ikeAdmin :: SIXTYFIVE [Administrator]

13.09.2013 11:32:08
mbam-log-2013-09-13 (11-32-08).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P
Deaktivierte Suchlaufeinstellungen: 
Durchsuchte Objekte: 635594
Laufzeit: 1 Stunde(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 2
C:\Users\ikeAdmin\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\ikeAdmin\AppData\Roaming\OpenCandy\B0A048DC445241E6BA091503253C181B (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 4
C:\Users\ikeAdmin\AppData\Roaming\OpenCandy\B0A048DC445241E6BA091503253C181B\3707.ico (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\ikeAdmin\AppData\Roaming\OpenCandy\B0A048DC445241E6BA091503253C181B\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\ikeAdmin\AppData\Roaming\OpenCandy\B0A048DC445241E6BA091503253C181B\OCBrowserHelper_1.0.6.128.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\ikeAdmin\AppData\Roaming\OpenCandy\B0A048DC445241E6BA091503253C181B\RAWinstaller.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

Alt 03.04.2014, 09:15   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.04.2014, 10:05   #9
ikeike
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



adwCleaner

Code:
ATTFilter
# AdwCleaner v3.023 - Bericht erstellt am 03/04/2014 um 10:32:42
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : ikeAdmin - SIXTYFIVE
# Gestartet von : C:\Users\ike\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\ikeAdmin\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\ike\AppData\Local\CrashRpt

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\Software\Description

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\ikeAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\phz8zmin.default-1389100139951\prefs.js ]


[ Datei : C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.enabledAddons", "adblockpopups%40jessehakanen.net:0.9.1,fb_add_on%40avm.de:1.7.0,itsalltext%40docwhat.gerf.org:1.8.1,sitedelta%40schierla.de:0.13.2,%7B5F590AA2-1221-4113-A6F4-A4B[...]

*************************

AdwCleaner[R1].txt - [1384 octets] - [03/03/2014 15:00:47]
AdwCleaner[R2].txt - [1418 octets] - [02/04/2014 10:16:25]
AdwCleaner[R3].txt - [1478 octets] - [02/04/2014 10:18:37]
AdwCleaner[R4].txt - [1490 octets] - [02/04/2014 11:02:14]
AdwCleaner[R5].txt - [1600 octets] - [03/04/2014 10:30:09]
AdwCleaner[R6].txt - [1660 octets] - [03/04/2014 10:31:33]
AdwCleaner[S1].txt - [1445 octets] - [03/03/2014 15:04:24]
AdwCleaner[S2].txt - [1585 octets] - [03/04/2014 10:32:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1645 octets] ##########
         
jrt
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x64
Ran by ikeAdmin on 03.04.2014 at 10:39:22,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.04.2014 at 10:48:31,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by ikeAdmin (administrator) on SIXTYFIVE on 03-04-2014 10:56:02
Running from C:\Users\ikeAdmin\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

() C:\Windows\system32\DTS.exe
(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(AuthenTec, Inc.) C:\Windows\system32\ATService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Zoom\TpScrex.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Prog-Soft s.r.o.) C:\Program Files (x86)\PSPad editor\PSPad.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Samsung Electronics.) C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\snagiteditor.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [X]
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [picon] - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63784 2013-08-20] (Lenovo)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM-x32\...\Run: [PWMTRV] - rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-04-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {3071cdf2-3215-11e1-b819-001c259f26f4} - D:\Autorun\ShelExec.exe default.htm
HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {6bc48649-2ce5-11e1-8cfa-806e6f6e6963} - D:\SETUP.EXE
HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {ed1c6d4f-45ac-11e1-840b-005056c00008} - H:\autorun.exe
Lsa: [Notification Packages] scecli ACGina
Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk
ShortcutTarget: Wuala.lnk -> C:\Users\ikeAdmin\AppData\Roaming\Wuala\Wuala.exe (No File)
Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF51451D0F4C0CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://eu.secure.linde.com/,DSID=b4ac6b3a41ce43e43b63515bdec8448d,DanaInfo=mlgmuc00mail042.linde.lds.grp,ST=1+/dwa85W.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://secure.linde.com/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] xxx.xxx.xxx.1
Tcpip\..\Interfaces\{3B1EB929-7EFA-4E22-80FE-A29410C5D992}: [NameServer]xxx.xxx.1.248

FireFox:
========
FF ProfilePath: C:\Users\ikeAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\phz8zmin.default-1389100139951
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

==================== Services (Whitelisted) =================

S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2010-02-05] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 ATService; C:\Windows\system32\ATService.exe [2713920 2010-02-05] (AuthenTec, Inc.)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [515632 2013-05-21] (REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-09-03] (Lenovo.)
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2010-02-05] ()
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] ()
S3 hitmanpro36; C:\Windows\system32\drivers\hitmanpro36.sys [30496 2012-12-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 NETw5s64; system32\DRIVERS\NETw5s64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-03 10:56 - 2014-04-03 10:56 - 00019477 _____ () C:\Users\ikeAdmin\Desktop\FRST.txt
2014-04-03 10:55 - 2014-04-03 10:55 - 02157056 _____ (Farbar) C:\Users\ikeAdmin\Desktop\FRST64.exe
2014-04-03 10:48 - 2014-04-03 10:54 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt
2014-04-03 10:38 - 2014-04-03 10:38 - 01038974 _____ (Thisisu) C:\Users\ikeAdmin\Desktop\JRT.exe
2014-04-03 10:29 - 2014-04-03 10:29 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe
2014-04-03 09:04 - 2014-04-03 09:04 - 00002413 _____ () C:\Users\Public\Desktop\SoapUI 4.6.4-m-SNAPSHOT.lnk
2014-04-03 09:04 - 2014-04-03 09:04 - 00000000 ____D () C:\Program Files\SmartBear
2014-04-03 08:13 - 2014-04-03 08:13 - 00002311 _____ () C:\Users\Public\Desktop\SoapUI 4.6.4.lnk
2014-04-03 07:36 - 2014-04-03 07:36 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Local\Skype
2014-04-02 12:33 - 2014-04-02 12:33 - 00879028 _____ () C:\Users\ike\Documents\Terminierungstool.xlsm
2014-04-02 11:37 - 2014-04-02 11:37 - 00005909 _____ () C:\Users\ike\Desktop\gmer.log
2014-04-02 11:21 - 2014-04-03 10:56 - 00000000 ____D () C:\FRST
2014-04-02 11:21 - 2014-04-02 14:33 - 00041613 _____ () C:\Users\ike\Desktop\FRST.txt
2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log
2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable
2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe
2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe
2014-04-02 10:59 - 2014-04-02 14:44 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt
2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe
2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt
2014-04-02 09:45 - 2014-04-03 10:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-02 09:45 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-02 09:45 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-02 09:45 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 12:17 - 2014-04-02 08:53 - 00091128 _____ () C:\Users\ike\Documents\xxxx.xlsx
2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-24 12:09 - 2014-03-24 12:11 - 00049234 _____ () C:\Users\ike\Documents\BaugruppenNachBedarfsimport.xlsx
2014-03-19 18:42 - 2014-03-19 18:43 - 00000000 ____D () C:\Program Files (x86)\xxxx
2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat
2014-03-12 19:25 - 2014-03-12 19:56 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung
2014-03-12 08:55 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 08:55 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 08:55 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 08:55 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 08:55 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 08:55 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 08:55 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 08:55 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 08:55 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 08:55 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 08:55 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 08:55 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 08:55 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 08:55 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 08:55 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 08:55 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 08:55 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 08:55 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 08:55 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 08:55 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 08:55 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 08:55 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 08:55 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 08:55 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 08:55 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 08:55 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 08:55 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 08:55 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 08:55 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 08:55 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 08:55 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 08:55 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 08:55 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 08:55 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 08:55 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 08:55 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 08:55 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 08:55 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 08:55 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 08:55 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 08:55 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 08:55 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 08:55 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 08:55 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 08:54 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 08:54 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 08:54 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 08:54 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-06 12:07 - 2014-04-02 13:17 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp
2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype

==================== One Month Modified Files and Folders =======

2014-04-03 10:56 - 2014-04-03 10:56 - 00019477 _____ () C:\Users\ikeAdmin\Desktop\FRST.txt
2014-04-03 10:56 - 2014-04-02 11:21 - 00000000 ____D () C:\FRST
2014-04-03 10:55 - 2014-04-03 10:55 - 02157056 _____ (Farbar) C:\Users\ikeAdmin\Desktop\FRST64.exe
2014-04-03 10:54 - 2014-04-03 10:48 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt
2014-04-03 10:43 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-03 10:43 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-03 10:40 - 2013-02-25 15:52 - 00735986 _____ () C:\Windows\system32\perfh015.dat
2014-04-03 10:40 - 2013-02-25 15:52 - 00157504 _____ () C:\Windows\system32\perfc015.dat
2014-04-03 10:40 - 2011-06-02 08:18 - 00741084 _____ () C:\Windows\system32\perfh00A.dat
2014-04-03 10:40 - 2011-06-02 08:18 - 00160106 _____ () C:\Windows\system32\perfc00A.dat
2014-04-03 10:40 - 2011-06-02 08:14 - 00724646 _____ () C:\Windows\system32\prfh0816.dat
2014-04-03 10:40 - 2011-06-02 08:14 - 00154538 _____ () C:\Windows\system32\prfc0816.dat
2014-04-03 10:40 - 2011-06-02 08:09 - 00709508 _____ () C:\Windows\system32\prfh0416.dat
2014-04-03 10:40 - 2011-06-02 08:09 - 00149288 _____ () C:\Windows\system32\prfc0416.dat
2014-04-03 10:40 - 2011-06-02 08:05 - 00735674 _____ () C:\Windows\system32\perfh010.dat
2014-04-03 10:40 - 2011-06-02 08:05 - 00148478 _____ () C:\Windows\system32\perfc010.dat
2014-04-03 10:40 - 2011-06-02 08:01 - 00705108 _____ () C:\Windows\system32\perfh007.dat
2014-04-03 10:40 - 2011-06-02 08:01 - 00151476 _____ () C:\Windows\system32\perfc007.dat
2014-04-03 10:40 - 2011-06-02 07:57 - 00741344 _____ () C:\Windows\system32\perfh00C.dat
2014-04-03 10:40 - 2011-06-02 07:57 - 00151212 _____ () C:\Windows\system32\perfc00C.dat
2014-04-03 10:40 - 2011-06-02 07:53 - 00739126 _____ () C:\Windows\system32\perfh013.dat
2014-04-03 10:40 - 2011-06-02 07:53 - 00154734 _____ () C:\Windows\system32\perfc013.dat
2014-04-03 10:40 - 2009-07-14 07:13 - 07821810 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 10:38 - 2014-04-03 10:38 - 01038974 _____ (Thisisu) C:\Users\ikeAdmin\Desktop\JRT.exe
2014-04-03 10:36 - 2014-04-02 09:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-03 10:36 - 2012-01-23 18:07 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Roaming\Skype
2014-04-03 10:34 - 2013-12-17 08:55 - 00006608 _____ () C:\Windows\setupact.log
2014-04-03 10:34 - 2013-07-31 22:01 - 00102566 _____ () C:\Windows\PFRO.log
2014-04-03 10:34 - 2012-01-09 16:37 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Local\TSVNCache
2014-04-03 10:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-03 10:33 - 2012-01-09 12:30 - 00000000 ____D () C:\Users\ike\AppData\Local\TSVNCache
2014-04-03 10:33 - 2011-12-22 23:47 - 02082577 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 10:32 - 2014-03-03 15:00 - 00000000 ____D () C:\AdwCleaner
2014-04-03 10:32 - 2012-01-12 13:40 - 00000000 ____D () C:\Users\ike\AppData\Roaming\Skype
2014-04-03 10:29 - 2014-04-03 10:29 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe
2014-04-03 10:26 - 2012-09-25 23:01 - 00013915 _____ () C:\Users\ike\soapui-settings.xml
2014-04-03 10:26 - 2012-09-25 21:46 - 00000306 _____ () C:\Users\ike\default-soapui-workspace.xml
2014-04-03 10:05 - 2012-07-06 20:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 09:05 - 2012-09-25 21:44 - 00013735 _____ () C:\Users\ikeAdmin\soapui-settings.xml
2014-04-03 09:05 - 2012-09-25 21:43 - 00000336 _____ () C:\Users\ikeAdmin\default-soapui-workspace.xml
2014-04-03 09:04 - 2014-04-03 09:04 - 00002413 _____ () C:\Users\Public\Desktop\SoapUI 4.6.4-m-SNAPSHOT.lnk
2014-04-03 09:04 - 2014-04-03 09:04 - 00000000 ____D () C:\Program Files\SmartBear
2014-04-03 09:04 - 2011-12-22 23:48 - 00000000 ____D () C:\Users\ikeAdmin
2014-04-03 08:13 - 2014-04-03 08:13 - 00002311 _____ () C:\Users\Public\Desktop\SoapUI 4.6.4.lnk
2014-04-03 08:12 - 2012-09-25 21:40 - 00000000 ____D () C:\Program Files (x86)\SmartBear
2014-04-03 07:36 - 2014-04-03 07:36 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Local\Skype
2014-04-02 14:44 - 2014-04-02 10:59 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt
2014-04-02 14:33 - 2014-04-02 11:21 - 00041613 _____ () C:\Users\ike\Desktop\FRST.txt
2014-04-02 14:13 - 2012-01-25 20:17 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-04-02 13:17 - 2014-03-06 12:07 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp
2014-04-02 12:59 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-02 12:33 - 2014-04-02 12:33 - 00879028 _____ () C:\Users\ike\Documents\xxx.xlsm
2014-04-02 12:31 - 2012-01-12 16:57 - 00000000 ____D () C:\Users\ike\.VirtualBox
2014-04-02 11:37 - 2014-04-02 11:37 - 00005909 _____ () C:\Users\ike\Desktop\gmer.log
2014-04-02 11:28 - 2012-01-17 11:41 - 00000000 ____D () C:\Windows\Minidump
2014-04-02 11:28 - 2011-12-22 23:39 - 00320793 ____N () C:\Windows\Minidump\040214-15615-01.dmp
2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log
2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable
2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe
2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe
2014-04-02 11:01 - 2011-12-23 00:14 - 00123872 _____ () C:\Users\ikeAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe
2014-04-02 10:49 - 2011-12-29 14:36 - 00123872 _____ () C:\Users\ike\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-02 10:48 - 2009-07-14 06:45 - 00508664 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-02 10:41 - 2013-01-17 09:17 - 00000000 ____D () C:\Users\ike\AppData\Local\Deployment
2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt
2014-04-02 10:22 - 2014-03-03 12:01 - 01038974 _____ (Thisisu) C:\Users\ike\Desktop\JRT.exe
2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-02 09:45 - 2012-03-20 10:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-02 08:53 - 2014-03-31 12:17 - 00091128 _____ () C:\Users\ike\Documents\xxx.xlsx
2014-04-01 22:18 - 2013-03-24 17:00 - 00000000 ____D () C:\Users\ike\AppData\Roaming\TV-Browser
2014-04-01 21:07 - 2014-01-17 18:37 - 00005134 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SIXTYFIVE-ike sixtyfive
2014-04-01 11:03 - 2014-02-13 08:43 - 00007218 _____ () C:\Users\ike\Documents\SnagitLog.dat
2014-03-28 13:48 - 2012-11-23 14:57 - 00000039 _____ () C:\Windows\vbaddin.ini
2014-03-28 13:48 - 2011-12-23 01:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-27 17:52 - 2012-01-18 17:02 - 00000600 _____ () C:\Users\ike\AppData\Roaming\winscp.rnd
2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-24 15:42 - 2012-05-02 13:42 - 00000000 ____D () C:\Users\ike\AppData\Local\CrashDumps
2014-03-24 12:11 - 2014-03-24 12:09 - 00049234 _____ () C:\Users\ike\Documents\xxx.xlsx
2014-03-24 08:36 - 2012-11-23 08:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-23 15:11 - 2014-02-15 19:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-20 08:50 - 2011-04-12 10:28 - 00000000 ____D () C:\Windows\ShellNew
2014-03-20 08:48 - 2009-07-14 04:34 - 00000510 _____ () C:\Windows\win.ini
2014-03-19 18:43 - 2014-03-19 18:42 - 00000000 ____D () C:\Program Files (x86)\xxx
2014-03-19 08:51 - 2013-12-20 09:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-18 09:03 - 2013-07-23 21:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 09:01 - 2011-12-23 00:27 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat
2014-03-12 20:25 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 20:00 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 19:56 - 2014-03-12 19:25 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung
2014-03-11 21:05 - 2012-07-06 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 21:05 - 2012-04-10 11:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 21:05 - 2011-12-23 14:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 08:54 - 2011-12-23 00:07 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-03-10 08:53 - 2012-11-05 14:03 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
2014-03-10 08:53 - 2011-12-23 22:58 - 00000000 ____D () C:\ProgramData\Lenovo
2014-03-10 08:52 - 2012-01-13 12:18 - 00123872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-03-10 08:52 - 2012-01-13 12:18 - 00000000 ____D () C:\Users\ike\AppData\Local\Lenovo
2014-03-07 19:47 - 2012-02-06 15:16 - 00000767 _____ () C:\Windows\wiso.ini
2014-03-05 09:26 - 2014-04-02 09:45 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-04-02 09:45 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-04-02 09:45 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype
2014-03-05 09:10 - 2012-01-12 13:40 - 00000000 ____D () C:\ProgramData\Skype

Some content of TEMP:
====================
C:\Users\ike\AppData\Local\Temp\80C33D6E6AC507355C1C02C567CBC38B_HeimdalSetup.exe
C:\Users\ike\AppData\Local\Temp\avgnt.exe
C:\Users\ike\AppData\Local\Temp\i4jdel0.exe
C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.dll
C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.exe
C:\Users\ike\AppData\Local\Temp\JExplorer32.2.6.8.dll
C:\Users\ike\AppData\Local\Temp\JExplorer32.2.6.8.exe
C:\Users\ike\AppData\Local\Temp\proxy_util_w32.dll
C:\Users\ike\AppData\Local\Temp\unrar.dll
C:\Users\ikeAdmin\AppData\Local\Temp\avgnt.exe
C:\Users\ikeAdmin\AppData\Local\Temp\JExplorer32.2.6.8.dll
C:\Users\ikeAdmin\AppData\Local\Temp\JExplorer32.2.6.8.exe
C:\Users\ikeAdmin\AppData\Local\Temp\proxy_vole1981562162407230777.dll
C:\Users\ikeAdmin\AppData\Local\Temp\Quarantine.exe
C:\Users\ikeAdmin\AppData\Local\Temp\tmp69B3.exe
C:\Users\ikeAdmin\AppData\Local\Temp\unrar.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-31 17:06

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 03.04.2014, 10:30   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Neues Addition fehlt, wenn nicht erstellt: FRST nochmal starten, Haken bei additions setzen und auf scan klicken
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.04.2014, 12:19   #11
ikeike
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Häkchen hatte gefehlt.


Beim Starten wird mein Rechner jetzt super langsam - v.a. beim Verbinden mit dem LAN ...




Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by ikeAdmin at 2014-04-03 12:16:22
Running from C:\Users\ikeAdmin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Add-in Express for Microsoft Office and .NET, Standard (HKLM-x32\...\{CB3CB52F-6F12-42FD-A840-4C55EC2CA0B8}) (Version: 7.1.4050 - Add-in Express Ltd)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.831.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{35A50BE1-FDD7-4FC7-CCE5-03D2A63D4CF4}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
AnkhSVN 2.4.11610.27 (HKLM-x32\...\{1B6B2817-89AF-4947-A768-0766D7906BCB}) (Version: 2.4.11610.27 - AnkhSVN Team)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.71.00 - )
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.792.5-110424b-119200C-Lenovo - ATI Technologies, Inc.)
AuthenTec TrueSuite (HKLM\...\{E6C44758-FF49-47D1-8182-65E3818ACE23}) (Version: 2.0.0.57 - AuthenTec, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2011.0424.2249.39080 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0424.2249.39080 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help English (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help French (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help German (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0424.2248.39080 - ATI) Hidden
ccc-core-static (x32 Version: 2011.0424.2249.39080 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2011.0424.2249.39080 - ATI) Hidden
Common Desktop Agent (Version: 1.53.0 - OEM) Hidden
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.12.0 - Conexant)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
Custom UI Editor for Microsoft Office (HKLM-x32\...\{C644FAAE-42FD-4FEC-B170-AB40B128B9AF}) (Version: 3.14.1592 - Microsoft Corporation)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.7 - REINER SCT)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
Deutsche Post E-Porto (HKLM-x32\...\{A51F5414-4A2B-45A0-8EF2-B4D29CFBCAE7}) (Version: 2.3.0 - Deutsche Post AG)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct Printing Utility (HKLM-x32\...\Direct Printing Utility) (Version: 1.02.06:03 - Samsung Electronics Co., Ltd.)
docUtilities (HKLM-x32\...\{3F4C4A23-73DA-4088-A28B-674AF855C5EE}) (Version: 1.4.12 - nutzware)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator Software Services - Community Edition - DEU (HKLM-x32\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.63.1 - Lenovo Group Limited)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{47AA145C-1698-4C76-A15B-23730399A423}) (Version: 11.1.21009.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
Excel VBA Code Cleaner 5.0 (HKLM-x32\...\Excel VBA Code Cleaner 5.0) (Version:  - )
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2736182) (HKLM-x32\...\{A1F50E06-E514-393D-AAEB-2F989F0B7C68}.KB2736182) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2890573) (HKLM-x32\...\{A1F50E06-E514-393D-AAEB-2F989F0B7C68}.KB2890573) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2529927) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2529927) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2548139) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2548139) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2549864) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2549864) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2635973) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2736182) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2736182) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2890573) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2890573) (Version: 1 - Microsoft Corporation)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel PROSet Wireless (Version:  - ) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
Intel(R) Network Connections 17.4.95.0 (HKLM\...\PROSetDX) (Version: 17.4.95.0 - Intel)
Intel(R) Network Connections 17.4.95.0 (Version: 17.4.95.0 - Intel) Hidden
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.1.9.20595 - Juniper Networks, Inc.)
Klok 2 (HKLM-x32\...\Klok2.DD7F2188B985C2439837C76B42A187050457E61B.1) (Version: 2.5.9 - Mcgraphix, Inc.)
Klok 2 (x32 Version: 2.5.9 - Mcgraphix, Inc.) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.27 - AuthenTec, Inc.)
Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Solution Center (HKLM\...\{D60E3A84-5DDC-49ED-B9A5-E3466996EB36}) (Version: 2.3.002.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update - DEU (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - DEU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime - DEU (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools - DEU (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - DEU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime - DEU (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20715.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for Silverlight 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 v3.0 Core (x32 Version: 11.0.60308 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - DEU (x32 Version: 11.0.60308 - Microsoft Corporation) Hidden
Microsoft LightSwitch für Visual Studio 2012 CoreRes - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Lync 2010 Attendee (HKLM-x32\...\{44228375-A198-489B-B90F-F88A1A78D5F5}) (Version: 4.0.7577.4415 - Microsoft Corporation)
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2010 Code Compatibility Inspector Update 1 (HKLM-x32\...\{715D5ADB-4054-44FA-A2D8-8B7082E10A42}) (Version: 2.2.1 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional 2013 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.60130.00 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Power Query for Excel (HKLM-x32\...\{1BCE483C-D8D3-451C-9FB8-3CD9F57E385B}) (Version: 1.5.3296.2082 - Microsoft Corporation)
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On für Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{803910CC-3A39-45E3-A594-0D5512A60A86}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{5ADA62BD-2FC0-4ECE-93AA-C933E69B2AB5}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst (HKLM-x32\...\{BB1E119E-CF4B-4183-910E-A8C2B379F2C6}) (Version: 10.50.1752.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{919E5477-D20B-4F64-AE8B-8199469F7817}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt (HKLM-x32\...\{103A5E44-DD5B-46D5-AD1E-9DF2260CA023}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{0D432429-C79C-462D-ABD8-4D82B83A954B}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 32bit Compilers - DEU Resources (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - DEU Resources (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Professional - DEU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools für SQL Server Compact 4.0 SP1 DEU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012-Leistungserfassungstools - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012-Leistungserfassungstools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012-Vorbereitung (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{66efbe1c-fcf5-4623-93f6-1ae2445aff93}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU (Version: 11.0.60315 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 - deu (x32 Version: 1.2.40308.0 - Microsoft Corporation) Hidden
Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 (x32 Version: 1.2.40308.0 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
MZ-Tools 3.0 für VBA (HKLM-x32\...\{2B69AD59-FA30-47fc-B950-FA27E7D16A73}_is1) (Version:  - MZTools Software)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Oracle VM VirtualBox 4.3.6 (HKLM\...\{DC65DFD8-E175-4A85-948A-42965853B2E8}) (Version: 4.3.6 - Oracle Corporation)
PDF Creator Pilot 4.3 x64 Edition (HKLM\...\{467D4F46-B75D-4E9F-B710-D933D687B9BD}) (Version: 4.3 - Two Pilots)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.0 - Tracker Software Products Ltd)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
RICOH R5U8xx Media Driver ver.3.64.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.00.70.00 - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.1.0 - Samsung Electronics)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.22.00 - Samsung Electronics Co., Ltd.)
Samsung SCX-483x 5x3x Series (HKLM-x32\...\Samsung SCX-483x 5x3x Series) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Scribble Papers 2.6.1 (HKLM-x32\...\Scribble Papers_is1) (Version:  - Jens Hoetger)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Sicherheitsupdate für Microsoft Visual Studio 2010 Professional - DEU (KB2645410) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2645410) (Version: 1 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Snagit 11 (HKLM-x32\...\{D0CC22F6-A67A-4083-A043-E0640CB7A4DF}) (Version: 11.2.1 - TechSmith Corporation)
soapUI 4.5.1 4.5.1 (HKLM-x32\...\5517-2803-0637-4585) (Version: 4.5.1 - SmartBear Software)
SoapUI 4.6.4 4.6.4 (HKLM-x32\...\5517-2803-0637-4585-1) (Version: 4.6.4 - SmartBear Software)
SoapUI 4.6.4-m-SNAPSHOT 4.6.4-m-SNAPSHOT (HKLM\...\5517-2803-0637-4585) (Version: 4.6.4-m-SNAPSHOT - SmartBear Software)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.9 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.10 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.11 - Lenovo)
tools-linux (x32 Version: 9.2.0.812388 - VMware, Inc.) Hidden
TortoiseSVN 1.7.13.24257 (64 bit) (HKLM\...\{4560A53B-3BB7-4B72-829E-5BDE5803DC11}) (Version: 1.7.24257 - TortoiseSVN)
TV-Browser 3.3.1 (HKLM-x32\...\tvbrowser) (Version: 3.3.1 - TV-Browser Team)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.VISIOR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 Prerequisites - DEU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Update 2 (KB2707250) (HKLM-x32\...\{2fba7dd0-b8eb-4185-aea3-e6910d3f8102}) (Version: 11.0.60315 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9201.20602 - Microsoft Corporation) Hidden
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows App Certification Kit Native Components (Version: 8.59.29736 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.29750 - Microsoft Corporation) Hidden
Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012 (x32 Version: 1.8.60301.1601 - Microsoft) Hidden
Windows Azure Tools für LightSwitch HTML Client für Visual Studio 2012 (DEU) (x32 Version: 1.8.60301.1601 - Microsoft) Hidden
Windows Runtime Intellisense Content - de-de (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric  (01/14/2010 8.6.0.13) (HKLM\...\0481B164C8D1D26C560D6A5E717C5920D4362D60) (Version: 01/14/2010 8.6.0.13 - AuthenTec Inc.)
WinSCP 5.2.7 RC (HKLM-x32\...\winscp3_is1) (Version: 5.2.7 RC - Martin Prikryl)
WISO Mein Geld 2014 Professional (HKLM-x32\...\WISO Mein Geld 2014 Professional) (Version:  - Buhl Data Service GmbH)
WISO Mein Geld 2014 Professional (x32 Version: 16.0.1.0 - Buhl Data Service GmbH) Hidden
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{CE7A4070-BF51-4E01-97E7-4D8E8A3E90C1}) (Version: 21.01.8499 - Buhl Data Service GmbH)
Word 2007 Content Control Toolkit (HKLM-x32\...\{EFCDC354-00BA-4D01-A6AF-AF3311DA9F44}) (Version: 1.3.0 - Microsoft)
Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)
Zeta Resource Editor 2.2.0.27 (nur entfernen) (HKLM-x32\...\ZetaResourceEditor) (Version: 2.2.0.27 - Zeta Software GmbH)

==================== Restore Points  =========================

02-04-2014 05:22:24 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-01-30 11:44 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {090B4AB7-DBF7-4B46-99B2-686010A9F947} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-09-25] (Lenovo)
Task: {1E8237EB-F70D-41C1-A018-1ED80178AE87} - System32\Tasks\{EE115A66-81F8-4BB0-B217-04BEBE8A840A} => C:\DRIVERS\WIN\HOTKEY\SETUP.EXE [2010-11-08] (Lenovo Group Limited)
Task: {41EA3997-488E-4257-831C-B82A92726DEA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {49B2A7CF-06B0-43B9-94F0-7F2482BF2672} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-01-21] (Microsoft)
Task: {58F080E7-1D42-4AC7-845D-4AA260D7C5B1} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {9DF3EE27-1095-41C3-8922-65F2BD6A370C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {B6156107-FE51-4903-A9C0-EA9461C555BA} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SIXTYFIVE-ike sixtyfive => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-03-19] (Microsoft Corporation)
Task: {B6BFEBDA-1B04-4868-A438-1ACC553AB89A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-29] (Google Inc.)
Task: {BB72872D-D780-4956-9D71-9C77ED223EA8} - System32\Tasks\CrystalDiskInfo => C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe [2013-04-24] (Crystal Dew World)
Task: {E43CAEED-AE60-42B1-8276-E1575C7500FC} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-09-25] ()
Task: {E9A7CC64-1F72-4C8A-8108-10F8A639E044} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-09-25] (Lenovo)
Task: {F61B882B-CACB-4A4D-B3FA-A97A874A7E24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {F9C2851D-4F56-4816-A467-9BA803E7906D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-29] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-02-05 07:45 - 2010-02-05 07:45 - 00117760 _____ () C:\Windows\system32\DTS.exe
2011-07-27 21:07 - 2011-07-27 21:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-10-24 13:14 - 2012-07-17 19:44 - 00054784 _____ () C:\Windows\System32\amgnpm.dll
2012-01-27 17:57 - 2006-02-23 12:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2012-01-27 17:57 - 2006-02-22 11:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2011-03-03 07:26 - 2011-03-03 07:26 - 00034304 _____ () C:\Windows\System32\ssn2mlm.dll
2014-03-19 08:49 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-20 09:31 - 2014-01-02 19:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-06-01 10:00 - 2013-06-01 10:00 - 00088848 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2012-01-09 09:25 - 2013-09-03 06:03 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2011-03-14 15:21 - 2011-03-14 15:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-24 23:48 - 2011-04-24 23:48 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-14 15:12 - 2013-10-22 06:12 - 01242112 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssn2mdu.dll
2013-02-26 09:34 - 2013-02-26 09:22 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-08-20 17:02 - 2013-08-20 17:02 - 00092456 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2011-12-29 14:15 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2013-06-01 08:06 - 2013-06-01 08:06 - 00070416 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2013-05-31 14:52 - 2013-05-31 14:52 - 07097344 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\SnagItres.dll
2013-05-31 14:39 - 2013-05-31 14:39 - 00095232 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll
2013-05-31 14:38 - 2013-05-31 14:38 - 00089088 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll
2013-05-31 14:31 - 2013-05-31 14:31 - 04710400 ____R () C:\Program Files (x86)\TechSmith\Snagit 11\PDFNetC.dll
2014-04-03 11:15 - 2014-04-03 11:15 - 00165376 _____ () C:\Users\ike\AppData\Local\Wuala\Program0\lib.450\orangevolt-4n-1.1.2.dll
2014-04-03 11:15 - 2014-04-03 11:15 - 00370688 _____ () C:\Users\ike\AppData\Local\Wuala\Program0\lib.450\jcbfs3.dll
2014-04-03 11:17 - 2014-04-03 11:17 - 00949426 _____ () C:\Users\ike\AppData\Local\Wuala\Program0\lib.450\jnotify.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-02-15 19:56 - 2014-03-23 15:11 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-06-10 15:23 - 2013-05-17 19:02 - 00013824 _____ () C:\Program Files (x86)\Samsung SSD Magician\SAMSUNG_SSD.dll
2014-01-03 08:59 - 2014-02-10 19:04 - 00430080 _____ () C:\Windows\mod_frst.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\00619851.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\00619851.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: LENOVO.CAMMUTE => 2
MSCONFIG\Services: LENOVO.MICMUTE => 2
MSCONFIG\Services: LENOVO.TPKNRSVC => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MSCONFIG\startupreg: FingerPrintSoftware => "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
MSCONFIG\startupreg: FingerPrintSoftwareSplashScreen => "C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe" \s
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-03-03 12:52:25.947
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 12:43:57.472
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 11:43:02.699
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 11:14:58.410
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 11:05:26.793
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 11:00:04.740
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 09:24:44.099
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 09:10:29.750
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 08:56:18.710
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-02 11:51:41.385
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 37%
Total physical RAM: 8086.02 MB
Available physical RAM: 5051.52 MB
Total Pagefile: 8184.2 MB
Available Pagefile: 4720 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.36 GB) (Free:34.67 GB) NTFS
Drive w: (Wuala) (Network) (Total:5 GB) (Free:3.77 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: E2A747C0)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 03.04.2014, 12:39   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Ok, Kontrollscans mit MBAM und ESET bitte

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.04.2014, 16:00   #13
ikeike
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Habe alles unter meinem Admin-Account ausgeführt.

Malwarebytes --> Suchlauf --> Aktionen angewendet --> Rechner neu gestartet --> Malwarebytes startet von alleine nochmal


Als ich Eset installieren wollte, kam die Proxy-Meldung :-/
Anders als in meinem "normalen" Account habe ich im Admin-Account allerdings den Proxy-Eintrag gefunden!!!
(Auf die Idee bin ich vorher nicht gekommen.)

Proxy-Eintrag gelöscht --> Eset konnte installiert werden.



1. mbam.txt nach dem ersten Lauf
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.04.2014
Suchlauf-Zeit: 14:10:56
Logdatei: 
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.04.03.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ikeAdmin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 350159
Verstrichene Zeit: 15 Min, 23 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 1
Malware.Trace, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWCPL|1, @biocpl.dll,-1, Löschen bei Neustart, [e21ee41c6e925fa10d48a63645bdad53]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
mbam.txt nach dem 2. Lauf
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.04.2014
Suchlauf-Zeit: 14:31:19
Logdatei: 
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.04.03.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ikeAdmin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 348410
Verstrichene Zeit: 14 Min, 13 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Eset
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=0baa06b6c19cb4469c59e564f72bc564
# engine=17739
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-03 02:51:36
# local_time=2014-04-03 04:51:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 95 12363 167208001 5135 0
# compatibility_mode=5893 16776573 100 94 7850 148166546 0 0
# scanned=434531
# found=0
# cleaned=0
# scan_time=7670
         

Alt 04.04.2014, 09:16   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Sicherheitshalber nochmal die Proxeinträge löschen:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.04.2014, 10:18   #15
ikeike
 
Windows 7: Proxy angeblich auf localhost:21320 - Standard

Windows 7: Proxy angeblich auf localhost:21320



Hab sicherheitshalber mit meinen beiden Usern (einmal normal, einmal Admin-Rechte) das Ganze durchgeführt

normaler User
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by ike at 2014-04-04 11:07:11 Run:1
Running from C:\Users\ike\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found.

==== End of Fixlog ====
         
normaler User - mit "als Admin ausführen"

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by ikeAdmin at 2014-04-04 11:08:25 Run:2
Running from C:\Users\ike\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.

==== End of Fixlog ====
         
Admin-User

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by ikeAdmin at 2014-04-04 11:11:23 Run:3
Running from C:\Users\ikeAdmin\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found.

==== End of Fixlog ====
         
Admin-User - mit "als Admin ausführen"
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by ikeAdmin at 2014-04-04 11:12:13 Run:4
Running from C:\Users\ikeAdmin\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found.

==== End of Fixlog ====
         

Antwort

Themen zu Windows 7: Proxy angeblich auf localhost:21320
antivir, antivirus, branding, browser, entfernen, error, fehlermeldung, festplatte, firefox, firefox 28.0, flash player, geld, google, google analytics, helper, home, mozilla, ntdll.dll, performance, proxy, proxyeinstellungen, pwmtr64v.dll, registry, rundll, schutz, security, software, svchost.exe, tracker, vista, windows, wiso



Ähnliche Themen: Windows 7: Proxy angeblich auf localhost:21320


  1. Angeblich nicht mit Windows 10 kompatibel
    Alles rund um Windows - 04.08.2015 (6)
  2. Windows 7 - Fehler Proxy Server
    Plagegeister aller Art und deren Bekämpfung - 15.01.2015 (11)
  3. Lange Ladezeiten, angeblich windows defender und avira offline.
    Plagegeister aller Art und deren Bekämpfung - 06.10.2014 (5)
  4. Samsung Monte will Proxy-Passwort, aber kein Proxy installiert
    Smartphone, Tablet & Handy Security - 16.06.2014 (2)
  5. Firefox leitet eventuell auf Localhost weiter
    Plagegeister aller Art und deren Bekämpfung - 02.06.2014 (9)
  6. Startfenster - VLC - Taskmanager - wmcfg - localhost
    Plagegeister aller Art und deren Bekämpfung - 11.09.2012 (4)
  7. Flame kam angeblich als Windows-Update aufs System
    Nachrichten - 04.06.2012 (0)
  8. localhost, 127.0.0.1, stealthy.co
    Log-Analyse und Auswertung - 30.04.2012 (1)
  9. Windows 7 gesperrt, 50Euro zahlen, angeblich verseucht
    Plagegeister aller Art und deren Bekämpfung - 30.03.2012 (11)
  10. windows account geperrt -> ukash 100 €, angeblich gefälschte lizenz
    Log-Analyse und Auswertung - 09.03.2012 (23)
  11. Windows Security Center - gesperrt - Angeblich unlizensierte Software
    Log-Analyse und Auswertung - 03.02.2012 (4)
  12. Traffic an localhost abhörbar?
    Überwachung, Datenschutz und Spam - 10.12.2011 (2)
  13. advantastar.us als localhost
    Plagegeister aller Art und deren Bekämpfung - 22.06.2009 (0)
  14. Auswertung Log-File weil http://localhost:9100/proxy.pac
    Log-Analyse und Auswertung - 07.03.2007 (4)
  15. Windows Partition ist angeblich 15 GB belegt, addiert ergibt sie knapp 10GB
    Alles rund um Windows - 05.03.2006 (5)

Zum Thema Windows 7: Proxy angeblich auf localhost:21320 - Hallo, ich nutze das Wiso Steuer Sparbuch. Wenn ich ein Update machen möchte, bekomme ich seit gestern die Fehlermeldung: Proxyserver reagiert nicht. Überprüfen Sie die Proxyeinstellungen localhost:21320 Unter Internetoptionen > - Windows 7: Proxy angeblich auf localhost:21320...
Archiv
Du betrachtest: Windows 7: Proxy angeblich auf localhost:21320 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.