Windows 7: Facebook-Schädling durch Messenger vermutet Hallo liebe TB-User,
es ist nun doch einmal passiert, dass ich einen von diesen dubiosen Links angeklickt habe, die immer mal wieder auf Facebook kursieren.
Dieser Link kam als Chatnachricht in einem Gruppengespräch mit einem dieser typischen Texte ("erinnerst du dich noch an das Foto" oder so). Es gab keine Datei zum herunterladen. Ich wurde auf eine Seite weitergeleitet, auf der nur ein Bild von irgendeiner Party zu sehen war. Ich wurde nicht aufgefordert ein Programm zu downloaden.
Ich habe den entsprechenden Freund gefragt, und er hat bestätigt, dass er die Nachrricht nicht verfasst hat. Wen es interessiert, der Link sieht folgendermaßen aus: "hxxp://729382.com/k9d8ypg/?=nr82968"
Ich habe alle nötigen Log's erstellt und zusätzlich noch
Malwarebytes drüberlaufen lassen. Avira hat sich bisher auch nicht gemeldet.
So, nun die Anhänge:
Code:
Alles auswählen Aufklappen ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 03.05.2014
Scan Time: 23:42:53
Logfile: MB_scan.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.05.03.06
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
OS: Windows 7
CPU: x64
File System: NTFS
User: *****
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 282247
Time Elapsed: 13 min, 9 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Code:
Alles auswählen Aufklappen ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by ***** (administrator) on HOFFI on 03-05-2014 23:54:00
Running from C:\Users\*****\Desktop
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Macrium\Reflect\ReflectService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Auslogics) C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AlcaTech) C:\Windows\SysWOW64\mmrtkrnl.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-23] (Alcor Micro Corp.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9643552 2009-12-11] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2773232 2013-10-18] (Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Realtime Audio Engine] => "mmrtkrnl.exe" /i
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [815888 2014-02-18] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3896820611-3695378639-3730271298-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-05-07] (Google Inc.)
HKU\S-1-5-21-3896820611-3695378639-3730271298-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-3896820611-3695378639-3730271298-1001\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-12] (Google Inc.)
HKU\S-1-5-21-3896820611-3695378639-3730271298-1001\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-14] (Spotify Ltd)
HKU\S-1-5-21-3896820611-3695378639-3730271298-1001\...\MountPoints2: E - E:\pushinst.exe
HKU\S-1-5-21-3896820611-3695378639-3730271298-1001\...\MountPoints2: {7ade4885-5222-11e3-93b7-206a8a172e1d} - E:\LaunchU3.exe -a
HKU\S-1-5-21-3896820611-3695378639-3730271298-1001\...\MountPoints2: {8e11971b-c178-11e3-8f95-206a8a172e1d} - E:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 5.2 HD Edition.lnk
ShortcutTarget: PHOTOfunSTUDIO 5.2 HD Edition.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7741&r=27361211h816l04g8z195t4771o189
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7741&r=27361211h816l04g8z195t4771o189
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7741&r=27361211h816l04g8z195t4771o189
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7741&r=27361211h816l04g8z195t4771o189
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7741&r=27361211h816l04g8z195t4771o189
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7741&r=27361211h816l04g8z195t4771o189
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE462
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE462
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @gametap.com/npdd,version=1.0 - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\*****\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\*****\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\Extensions\ich@maltegoetz.de [2014-02-15]
FF Extension: Gutscheinrausch.de - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\Extensions\mail@gutscheinrausch.de [2012-01-08]
FF Extension: FireShot - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-04-29]
FF Extension: WEB.DE MailCheck - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\Extensions\toolbar@web.de.xpi [2011-12-19]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-12]
FF Extension: Fox!Box - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2012-01-08]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-28]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-31]
FF HKCU\...\Firefox\Extensions: [mail@gutscheinrausch.de] - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\extensions\mail@gutscheinrausch.de
FF Extension: Gutscheinrausch.de - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\584u8j0f.default\extensions\mail@gutscheinrausch.de [2012-01-08]
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\*****\AppData\Local\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\*****\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\*****\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Skype Click to Call) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (ProxTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-01-10]
CHR Extension: (Adblock Plus) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-07]
CHR Extension: (Adblock for Youtubeâ„¢) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2013-11-12]
CHR Extension: (Tampermonkey) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-12-24]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-02-18] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-02-18] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [766736 2014-02-18] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-10-29] ()
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [302200 2013-01-31] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R3 WinHttpAutoProxySvc; winhttp.dll [X]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122128 2014-02-18] (BlueStack Systems)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce))
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77432 2009-02-03] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-04-22] (Duplex Secure Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
S3 ALSysIO; \??\C:\Users\TIMHOF~1\AppData\Local\Temp\ALSysIO64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-03 23:54 - 2014-05-03 23:55 - 00031567 _____ () C:\Users\*****\Desktop\FRST.txt
2014-05-03 23:53 - 2014-05-03 23:54 - 00000000 ____D () C:\FRST
2014-05-03 23:44 - 2014-05-03 23:44 - 00000600 _____ () C:\Users\*****\Desktop\defogger_disable.log
2014-05-03 23:44 - 2014-05-03 23:44 - 00000020 _____ () C:\Users\*****\defogger_reenable
2014-05-03 23:43 - 2014-05-03 23:43 - 00001044 _____ () C:\Users\*****\Desktop\MB_scan.txt
2014-05-03 23:26 - 2014-05-03 23:26 - 02062336 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2014-05-03 23:26 - 2014-05-03 23:26 - 00380416 _____ () C:\Users\*****\Desktop\Gmer-19357.exe
2014-05-03 23:26 - 2014-05-03 23:26 - 00050477 _____ () C:\Users\*****\Desktop\Defogger.exe
2014-05-03 23:02 - 2014-05-03 23:02 - 00613200 _____ (Chip Digital GmbH) C:\Users\*****\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-03 22:57 - 2014-05-03 23:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 22:57 - 2014-05-03 22:57 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-03 22:57 - 2014-05-03 22:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-03 22:57 - 2014-05-03 22:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 22:57 - 2014-05-03 22:57 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-03 22:57 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-03 22:57 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-03 22:57 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-03 22:52 - 2014-05-03 22:48 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-03 22:45 - 2014-05-03 22:46 - 00686664 _____ ( ) C:\Users\*****\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.1.1004.exe
2014-05-02 22:37 - 2014-05-02 22:37 - 00000000 ____D () C:\Users\*****\Downloads\TS-808
2014-05-02 17:42 - 2014-05-02 17:44 - 24277737 _____ () C:\Users\*****\Downloads\www.free-sample-packs.com_101_Sound_Effects.zip
2014-05-02 17:41 - 2014-05-02 17:52 - 267025194 _____ () C:\Users\*****\Downloads\musicradar-female-vocal-samples.zip
2014-05-02 17:40 - 2014-05-02 17:44 - 51443341 _____ () C:\Users\*****\Downloads\PHATKID LAUNDRY- URBAN-POISON-FREE-SAMPLE-PACK.rar
2014-05-02 17:39 - 2014-05-02 17:41 - 63206748 _____ () C:\Users\*****\Downloads\Drum & Bass Collection Volume 1-www.free-sample-packs.com.zip
2014-05-02 17:38 - 2014-05-02 17:39 - 03616629 _____ () C:\Users\*****\Downloads\TS-808.zip
2014-05-02 17:38 - 2014-05-02 17:38 - 01402200 _____ () C:\Users\*****\Downloads\ROQSTAR - 12 Trap Snares (www.roqstarentertainment.com).zip
2014-05-02 17:37 - 2014-05-02 17:38 - 02541895 _____ () C:\Users\*****\Downloads\ROQSTAR - 7 Trap Kicks.zip
2014-05-02 17:33 - 2014-05-02 17:34 - 08809700 _____ () C:\Users\*****\Downloads\Trap-Foundations-www.free-sample-packs.com.zip
2014-04-28 19:56 - 2014-04-28 19:57 - 00119854 _____ () C:\Users\*****\Downloads\Re- Anfrage von ***** - 12.07.14 bis 19.07.14 - Objekt-Nr. 755101.html
2014-04-28 00:26 - 2014-04-28 00:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-23 13:38 - 2014-04-21 22:12 - 00000426 _____ () C:\AVScanner.ini
2014-04-21 22:50 - 2014-04-21 22:50 - 00538507 _____ () C:\Users\*****\Downloads\Gitarre2_f_r_RFbeat_1_.ogg
2014-04-21 22:12 - 2014-04-23 13:39 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-21 02:16 - 2014-04-21 02:16 - 503169558 _____ () C:\Windows\MEMORY.DMP
2014-04-21 02:16 - 2014-04-21 02:16 - 00274928 _____ () C:\Windows\Minidump\042114-22448-01.dmp
2014-04-16 13:29 - 2014-04-17 14:59 - 00000000 ____D () C:\Users\*****\Desktop\GAMEZ
2014-04-16 03:48 - 2014-04-16 03:48 - 00000000 ____D () C:\Users\*****\AVM_Driver
2014-04-14 22:47 - 2014-04-14 22:47 - 00007605 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2014-04-14 19:09 - 2014-05-03 03:08 - 00000000 ____D () C:\Users\*****\AppData\Roaming\.minecraft
2014-04-14 19:09 - 2014-04-14 19:09 - 00000000 ____D () C:\Users\*****\AppData\Roaming\.technic
2014-04-14 02:45 - 2014-04-14 02:45 - 00000000 ____D () C:\Users\*****\AppData\Local\GRLevelX
2014-04-14 02:39 - 2014-04-14 02:40 - 15528936 _____ ( ) C:\Users\*****\Downloads\grlevel3_2_setup.exe
2014-04-14 02:30 - 2014-04-14 02:38 - 00000000 ____D () C:\Users\*****\AppData\Local\aweather
2014-04-14 02:30 - 2014-04-14 02:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AWeather
2014-04-14 02:30 - 2014-04-14 02:30 - 00000000 ____D () C:\Program Files (x86)\AWeather
2014-04-14 02:29 - 2014-04-14 02:29 - 05801679 _____ () C:\Users\*****\Downloads\aweather-0.8-gtk.exe
2014-04-13 23:44 - 2014-04-14 10:27 - 00000000 ____D () C:\Users\*****\Downloads\lied
2014-04-13 23:34 - 2014-04-13 23:36 - 15136011 _____ () C:\Users\*****\Downloads\lied.zip
==================== One Month Modified Files and Folders =======
2014-05-03 23:55 - 2014-05-03 23:54 - 00031567 _____ () C:\Users\*****\Desktop\FRST.txt
2014-05-03 23:54 - 2014-05-03 23:53 - 00000000 ____D () C:\FRST
2014-05-03 23:54 - 2012-01-21 12:44 - 01220942 _____ () C:\Windows\WindowsUpdate.log
2014-05-03 23:53 - 2013-07-26 15:15 - 00007476 _____ () C:\autoupdate.log
2014-05-03 23:51 - 2012-04-29 15:32 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-03 23:51 - 2011-12-18 23:25 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-03 23:47 - 2014-03-24 21:48 - 00004072 _____ () C:\Windows\PFRO.log
2014-05-03 23:47 - 2014-03-18 00:46 - 00006122 _____ () C:\Windows\setupact.log
2014-05-03 23:47 - 2014-02-22 02:47 - 00119296 _____ () C:\Windows\SysWOW64\zlib.dll
2014-05-03 23:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-03 23:44 - 2014-05-03 23:44 - 00000600 _____ () C:\Users\*****\Desktop\defogger_disable.log
2014-05-03 23:44 - 2014-05-03 23:44 - 00000020 _____ () C:\Users\*****\defogger_reenable
2014-05-03 23:44 - 2011-12-18 20:43 - 00000000 ____D () C:\Users\*****
2014-05-03 23:43 - 2014-05-03 23:43 - 00001044 _____ () C:\Users\*****\Desktop\MB_scan.txt
2014-05-03 23:29 - 2014-05-03 22:57 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 23:26 - 2014-05-03 23:26 - 02062336 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2014-05-03 23:26 - 2014-05-03 23:26 - 00380416 _____ () C:\Users\*****\Desktop\Gmer-19357.exe
2014-05-03 23:26 - 2014-05-03 23:26 - 00050477 _____ () C:\Users\*****\Desktop\Defogger.exe
2014-05-03 23:26 - 2013-01-17 00:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-03 23:21 - 2011-12-18 23:25 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-03 23:16 - 2012-09-12 00:22 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3896820611-3695378639-3730271298-1001UA.job
2014-05-03 23:02 - 2014-05-03 23:02 - 00613200 _____ (Chip Digital GmbH) C:\Users\*****\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-03 22:57 - 2014-05-03 22:57 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-03 22:57 - 2014-05-03 22:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-03 22:57 - 2014-05-03 22:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 22:57 - 2014-05-03 22:57 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-03 22:48 - 2014-05-03 22:52 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-03 22:46 - 2014-05-03 22:45 - 00686664 _____ ( ) C:\Users\*****\Downloads\COMPUTER_BILD-Download-Manager_fuer_mbam-setup-2.0.1.1004.exe
2014-05-03 20:16 - 2012-09-12 00:22 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3896820611-3695378639-3730271298-1001Core.job
2014-05-03 04:53 - 2012-11-24 02:21 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Spotify
2014-05-03 03:08 - 2014-04-14 19:09 - 00000000 ____D () C:\Users\*****\AppData\Roaming\.minecraft
2014-05-03 01:09 - 2012-11-24 02:21 - 00000000 ____D () C:\Users\*****\AppData\Local\Spotify
2014-05-02 22:37 - 2014-05-02 22:37 - 00000000 ____D () C:\Users\*****\Downloads\TS-808
2014-05-02 18:53 - 2013-03-20 22:33 - 00001485 _____ () C:\Users\*****\Desktop\KEYS.txt
2014-05-02 17:52 - 2014-05-02 17:41 - 267025194 _____ () C:\Users\*****\Downloads\musicradar-female-vocal-samples.zip
2014-05-02 17:44 - 2014-05-02 17:42 - 24277737 _____ () C:\Users\*****\Downloads\www.free-sample-packs.com_101_Sound_Effects.zip
2014-05-02 17:44 - 2014-05-02 17:40 - 51443341 _____ () C:\Users\*****\Downloads\PHATKID LAUNDRY- URBAN-POISON-FREE-SAMPLE-PACK.rar
2014-05-02 17:41 - 2014-05-02 17:39 - 63206748 _____ () C:\Users\*****\Downloads\Drum & Bass Collection Volume 1-www.free-sample-packs.com.zip
2014-05-02 17:39 - 2014-05-02 17:38 - 03616629 _____ () C:\Users\*****\Downloads\TS-808.zip
2014-05-02 17:38 - 2014-05-02 17:38 - 01402200 _____ () C:\Users\*****\Downloads\ROQSTAR - 12 Trap Snares (www.roqstarentertainment.com).zip
2014-05-02 17:38 - 2014-05-02 17:37 - 02541895 _____ () C:\Users\*****\Downloads\ROQSTAR - 7 Trap Kicks.zip
2014-05-02 17:34 - 2014-05-02 17:33 - 08809700 _____ () C:\Users\*****\Downloads\Trap-Foundations-www.free-sample-packs.com.zip
2014-05-01 03:09 - 2011-12-18 23:31 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-30 16:12 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-30 16:12 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-30 16:08 - 2011-12-19 01:29 - 00698614 _____ () C:\Windows\system32\perfh007.dat
2014-04-30 16:08 - 2011-12-19 01:29 - 00149020 _____ () C:\Windows\system32\perfc007.dat
2014-04-30 16:08 - 2009-07-14 07:13 - 01617650 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-30 16:02 - 2012-09-12 00:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-30 00:08 - 2011-12-26 22:54 - 00000000 ____D () C:\Users\*****\AppData\Roaming\vlc
2014-04-29 21:25 - 2012-03-29 23:02 - 00000000 ____D () C:\Users\*****\AppData\Roaming\dvdcss
2014-04-29 08:26 - 2013-01-17 00:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 08:26 - 2012-03-31 14:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 08:26 - 2011-12-18 23:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 19:57 - 2014-04-28 19:56 - 00119854 _____ () C:\Users\*****\Downloads\Re- Anfrage von ***** - 12.07.14 bis 19.07.14 - Objekt-Nr. 755101.html
2014-04-28 00:26 - 2014-04-28 00:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-24 16:04 - 2013-08-21 17:57 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Dropbox
2014-04-24 15:55 - 2013-08-21 18:08 - 00000000 ___RD () C:\Users\*****\Dropbox
2014-04-23 13:39 - 2014-04-21 22:12 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-23 13:38 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-21 22:50 - 2014-04-21 22:50 - 00538507 _____ () C:\Users\*****\Downloads\Gitarre2_f_r_RFbeat_1_.ogg
2014-04-21 22:12 - 2014-04-23 13:38 - 00000426 _____ () C:\AVScanner.ini
2014-04-21 02:16 - 2014-04-21 02:16 - 503169558 _____ () C:\Windows\MEMORY.DMP
2014-04-21 02:16 - 2014-04-21 02:16 - 00274928 _____ () C:\Windows\Minidump\042114-22448-01.dmp
2014-04-21 02:16 - 2013-04-19 18:57 - 00000000 ____D () C:\Windows\Minidump
2014-04-20 22:12 - 2011-12-19 22:46 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe
2014-04-20 20:34 - 2012-10-28 00:20 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-04-19 01:02 - 2011-12-22 23:12 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-18 12:16 - 2013-08-28 23:18 - 00001484 _____ () C:\Users\*****\AppData\Local\RecConfig.xml
2014-04-17 14:59 - 2014-04-16 13:29 - 00000000 ____D () C:\Users\*****\Desktop\GAMEZ
2014-04-16 13:34 - 2012-04-24 22:31 - 00000000 ____D () C:\Users\*****\Desktop\Musiksachen
2014-04-16 13:32 - 2012-11-02 15:28 - 00000000 ____D () C:\Users\*****\Desktop\Zeuch
2014-04-16 13:30 - 2014-01-20 20:44 - 00000000 ____D () C:\Users\*****\Desktop\FL Studio 10
2014-04-16 13:27 - 2012-04-24 22:33 - 00000000 ____D () C:\Users\*****\Desktop\Anwendungen
2014-04-16 03:48 - 2014-04-16 03:48 - 00000000 ____D () C:\Users\*****\AVM_Driver
2014-04-14 23:24 - 2011-12-22 23:18 - 00000000 ____D () C:\Users\*****\AppData\Roaming\TS3Client
2014-04-14 22:47 - 2014-04-14 22:47 - 00007605 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2014-04-14 19:19 - 2013-10-23 00:15 - 00000000 ____D () C:\Users\*****\minecraft
2014-04-14 19:09 - 2014-04-14 19:09 - 00000000 ____D () C:\Users\*****\AppData\Roaming\.technic
2014-04-14 16:26 - 2011-12-18 23:20 - 00000000 ____D () C:\Users\*****\AppData\Local\Google
2014-04-14 10:27 - 2014-04-13 23:44 - 00000000 ____D () C:\Users\*****\Downloads\lied
2014-04-14 02:47 - 2013-05-19 22:46 - 00000000 ____D () C:\Users\*****\AppData\Local\GRLevel3_2
2014-04-14 02:45 - 2014-04-14 02:45 - 00000000 ____D () C:\Users\*****\AppData\Local\GRLevelX
2014-04-14 02:40 - 2014-04-14 02:39 - 15528936 _____ ( ) C:\Users\*****\Downloads\grlevel3_2_setup.exe
2014-04-14 02:38 - 2014-04-14 02:30 - 00000000 ____D () C:\Users\*****\AppData\Local\aweather
2014-04-14 02:30 - 2014-04-14 02:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AWeather
2014-04-14 02:30 - 2014-04-14 02:30 - 00000000 ____D () C:\Program Files (x86)\AWeather
2014-04-14 02:29 - 2014-04-14 02:29 - 05801679 _____ () C:\Users\*****\Downloads\aweather-0.8-gtk.exe
2014-04-13 23:48 - 2011-12-22 23:12 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-04-13 23:36 - 2014-04-13 23:34 - 15136011 _____ () C:\Users\*****\Downloads\lied.zip
2014-04-08 17:51 - 2013-08-21 18:08 - 00001053 _____ () C:\Users\*****\Desktop\Dropbox.lnk
2014-04-08 17:51 - 2013-08-21 17:57 - 00000506 _____ () C:\Windows\wininit.ini
2014-04-08 17:51 - 2013-08-21 17:57 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-03 09:51 - 2014-05-03 22:57 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-05-03 22:57 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-05-03 22:57 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 11:30
==================== End Of Log ============================
Code:
Alles auswählen Aufklappen ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2014
Ran by ***** at 2014-05-03 23:55:40
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.3.5 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0423.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActivePerl 5.14.2 Build 1402 (HKLM-x32\...\{02BFF1A3-A0D5-4F64-8558-A22682BCDA58}) (Version: 5.14.1402 - ActiveState)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader 9.5.0 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}) (Version: 1.5.17.05094 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.05094 - Alcor Micro Corp.) Hidden
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{C7A772A4-73CF-EB06-172F-75C5F6C80AAC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}) (Version: 5.1.1.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arcus - Rubik's Cube Simulator 0.3.2 (HKLM-x32\...\Arcus - Rubik's Cube Simulator 0.3.2) (Version: - Peter Szilagyi)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 6.5.1.0 - Auslogics Labs Pty Ltd)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 3.6 - Auslogics Software Pty Ltd)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AWeather (HKLM-x32\...\AWeather) (Version: - )
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - )
Beat Ball 2 (HKLM-x32\...\BeatBall2) (Version: - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{62763BAD-53A8-4C9F-B4CF-7CCABFEFD725}) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrettspielWelt (HKLM-x32\...\BrettspielWelt) (Version: 1.0 - BrettspielWelt GmbH)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.03 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
CLICK & LEARN DiDi 360° DVD (HKLM-x32\...\{38FFE749-5410-4010-8361-0AB6251F5CC2}_is1) (Version: CLICK & LEARN DiDi 360° 4.0 DVD - DEGENER)
Construct 2 Free (HKLM-x32\...\Steam App 227240) (Version: - )
Core Temp 1.0 RC2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Crazy Machines (HKLM-x32\...\Steam App 18420) (Version: - Fakt Software)
Crazy Machines II (HKLM-x32\...\{112B0ED9-57F8-4883-8E6A-5BEAABDABBC1}) (Version: 1.00 - FAKT Software GmbH)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2529.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.2529.50 - CyberLink Corp.) Hidden
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.24 - DivX, LLC)
Downloader (HKLM-x32\...\Downloader) (Version: - )
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
DzSoft Perl Editor 5.8.9 (HKLM-x32\...\dzperl_is1) (Version: 5.8.9 - DzSoft Ltd)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Express Burn (HKLM-x32\...\ExpressBurn) (Version: 4.69 - NCH Software)
EZdrummer Lite Installer (HKLM-x32\...\{E80B34EE-F3E5-4F60-AE89-FF0D717554A2}) (Version: 1.1.4 - Toontrack)
Façade (HKLM-x32\...\{24E34264-D483-477C-A9A0-4E53F69834CF}) (Version: 1.1.2 - Procedural Arts)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
FlatOut (HKLM-x32\...\Steam App 6220) (Version: - Bugbear Entertainment)
FlatOut 2 (HKLM-x32\...\Steam App 2990) (Version: - Bugbear Entertainment)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
foobar2000 v1.2.5 (HKLM-x32\...\foobar2000) (Version: 1.2.5 - Peter Pawlowski)
Freak Out Extreme Freeride Demo (HKLM-x32\...\{D7AF66D9-BC29-4EA1-A39F-32DF5A03B2EC}) (Version: 1.0.0 - JoWooD)
Free Audio Converter version 5.0.28.812 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.28.812 - DVDVideoSoft Ltd.)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
GIMP 2.6.12 (HKLM\...\GIMP-2_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar)
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
GutscheinRausch.de - AddOn für Firefox (HKLM-x32\...\{2B11BA9C-7F97-4C16-970F-1491FD77969B}_is1) (Version: 2.81 - GutscheinRausch.de)
Gymnast v1.0 (HKLM-x32\...\Gymnast_is1) (Version: - Walaber)
Hedgewars (HKLM-x32\...\hedgewars) (Version: 0.9.18 - Hedgewars Project)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Inkscape 0.48.2 (HKLM-x32\...\Inkscape) (Version: 0.48.2 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
iTunes (HKLM\...\{CF8FFD12-602B-422D-AF1D-511B411E7632}) (Version: 10.6.1.7 - Apple Inc.)
Java 7 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417015FF}) (Version: 7.0.150 - Oracle)
Java 7 Update 15 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217015FF}) (Version: 7.0.150 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Jibbin version March 2010 (HKLM-x32\...\{3252AF1C-86C7-404B-90EE-96C41C60F24F}_is1) (Version: March 2010 - Thomas Champagne)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche Studios)
Just Cause 2: Multiplayer - Dedicated Server (HKLM-x32\...\Steam App 261140) (Version: - )
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - Avalanche Studios)
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.8 - Acer Inc.)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LMMS 0.4.11 (HKLM-x32\...\lmms) (Version: 0.4.11 - LMMS Developers)
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Macrium Reflect Free Edition (HKLM\...\{E9220B1F-33C4-4A89-B34D-38374CFBE2CF}) (Version: 5.1.5603 - Paramount Software (UK) Ltd.)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
MAGIX Music Maker 17 Premium (HKLM-x32\...\MAGIX_MSI_mm17dlx) (Version: 17.0.0.16 - MAGIX AG)
MAGIX Music Maker 17 Premium (x32 Version: 17.0.0.16 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{6333C013-366F-45BD-B598-9E0B25E41605}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{9C4436D2-3644-40E9-985C-D3D015F87285}) (Version: 7.0.2.6 - MAGIX AG)
Mah Jongg 2 (HKLM-x32\...\Mah Jongg 2) (Version: - )
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Motocross Madness 2 (HKLM-x32\...\Motocross Madness 2) (Version: - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 2.0 (HKLM-x32\...\{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}) (Version: 2.0.11128.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
MixPad Audiodatei-Mixer (HKLM-x32\...\MixPad) (Version: - NCH Software)
Moebius (HKLM-x32\...\{D6903FBB-FA2E-49DE-896F-7050B8679AFC}) (Version: 3.10.0000 - Fa. Ellen Hoche)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 1.0 MuseScore score typesetter (HKLM-x32\...\MuseScore) (Version: 1.0.0 - Werner Schweer and Others)
MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
Native Instruments DrumMicA (HKLM-x32\...\Native Instruments DrumMicA) (Version: - Native Instruments)
Native Instruments DrumMicA (Version: 1.0.0.002 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.2.0.6361 - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.2.0.6361 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.1.1158 - Native Instruments)
Native Instruments Service Center (Version: 2.4.1.1158 - Native Instruments) Hidden
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenMPT 1.22 (HKLM-x32\...\{67903736-E9BB-4664-B148-F62BCAB4FA42}_is1) (Version: 1.22.02.00 - OpenMPT Devs / Olivier Lapicque)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PHOTOfunSTUDIO 5.2 HD Edition (HKLM-x32\...\{0AE09EFD-8680-4B14-9643-00AB33BEC6ED}) (Version: 5.02.126 - Panasonic Corporation)
PhotoStage Diashow-Ersteller (HKLM-x32\...\PhotoStage) (Version: - NCH Software)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.4.2 - PowerUp Software)
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version: - )
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 3.7 - Razer USA Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6000 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
RPG Maker 2000 1.05 (HKLM-x32\...\RPG Maker 2000 1.05) (Version: - )
RTP 1.32 Add-On for RM2k (HKLM-x32\...\RTP 1.32 Add-On for RM2k) (Version: - )
RTP for RM2K (Png, Wav, Midi, Fonts) (HKLM-x32\...\RTP for RM2K (Png, Wav, Midi, Fonts)) (Version: - )
Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden
SILKYPIX Developer Studio 3.1 SE (HKLM-x32\...\InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}) (Version: 3 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 3.1 SE (x32 Version: 3 - Ichikawa Soft Laboratory) Hidden
Sins of a Solar Empire (HKLM-x32\...\Sins of a Solar Empire) (Version: - Stardock Entertainment)
Sins of a Solar Empire (x32 Version: 1.05 - Kalypso) Hidden
Ski Challenge 12 (SRF) (HKCU\...\sc12-CH_SF) (Version: - )
Ski Challenge 14 (HKCU\...\sc14-GAMETWIST_MAIN) (Version: - )
Skispringen 2007 (HKLM-x32\...\Skispringen 2007_0001) (Version: - )
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.1 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Activision)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.19.0 - Synaptics Incorporated)
TabTrax Demo 1.9 (HKLM-x32\...\TabTrax Demo) (Version: - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
TmUnitedForever Update 2010-03-15 (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
Tom Clancy's H.A.W.X. (HKLM-x32\...\Steam App 21900) (Version: - Ubisoft Bucharest Studio)
Tony Hawk's American Wasteland (HKLM-x32\...\{3293C06B-003F-4027-8380-FFD79E38167D}) (Version: 1.00.0000 - Ihr Firmenname)
Tony Hawk's Underground 2 (HKLM-x32\...\InstallShield_{EF1394D4-9FB6-4F1F-9A09-20FF3033AE14}) (Version: 1.00.0000 - Activision)
Tony Hawk's Underground 2 (x32 Version: 1.00.0000 - Activision) Hidden
TrackMania Sunrise (HKLM-x32\...\TmSunrise_is1) (Version: - Nadeo)
TrackMania United 0.2.0.8 (HKLM-x32\...\TmUnited_is1) (Version: - Nadeo)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version: - RedLynx and Ubisoft Shanghai)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8153EC80-C988-4336-8DAF-6D99C0D26E0C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPad Videobearbeitungs-Software (HKLM-x32\...\VideoPad) (Version: - NCH Software)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VirtualDJ Home FREE (HKLM-x32\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Walaber's Trampoline (HKLM-x32\...\{9617BEC2-A487-40E7-94FB-AC699F1B360B}) (Version: 1.1 - Walaber)
WavePad Audiobearbeitungs-Software (HKLM-x32\...\WavePad) (Version: - NCH Software)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wolfenstein - Enemy Territory (HKLM-x32\...\Wolfenstein - Enemy Territory) (Version: 2.60b - ACTIVISION)
Worms Armageddon (HKLM-x32\...\Steam App 217200) (Version: - )
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - )
YGOPro DevPro Version 1.8.6 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.8.6 - YGOPro DevPro Online)
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.1 - Abelssoft)
==================== Restore Points =========================
30-04-2014 19:07:40 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0973068E-B769-4815-A8B1-7C8C7E435F60} - System32\Tasks\{0445D3BE-D5D0-4EED-BE57-CE9BA1A68E92} => C:\Users\*****\Desktop\generally105\GeneRally.exe
Task: {1C316CA0-D9DB-4A28-A6A4-1E7CC9076AD5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {1F7A2DD9-8BAC-4015-B4E9-F0D05758128C} - System32\Tasks\{B9BC6E84-3E4C-453C-A143-7A6B1A49E14E} => C:\Program Files (x86)\Frets on Fire\FretsOnFire.exe
Task: {35CDDFEE-CAA7-4742-9AC6-F535C2033F77} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-06-05] ()
Task: {4235E7D9-5D0F-4A92-A56A-BD5AC596C3A6} - System32\Tasks\{B4477AC7-E5FE-4B6F-8169-BFA1CEE88241} => C:\Program Files (x86)\Moebius\moebius.exe [2008-05-13] ()
Task: {49124818-28C5-4010-B541-7C192573BB36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-18] (Google Inc.)
Task: {4F528264-1CEC-47C1-B828-0C33B1CFD2CC} - System32\Tasks\{55B51A6F-DA64-47EE-8C5D-96E8F1DA865B} => C:\Program Files (x86)\Microsoft Games\Motocross Madness 2\MCM2.EXE [2000-04-30] (Rainbow Multimedia Group, Inc)
Task: {5B408A0E-1D16-453D-9414-381EA5AAF734} - System32\Tasks\{ACB41C13-2A8C-4173-871A-0A0F0C716744} => C:\Users\*****\Desktop\generally105\GeneRally.exe
Task: {63CB06A6-BC77-4E5A-A23B-271EC1061701} - System32\Tasks\{EA8AF799-CDFE-4EC4-ABC9-C9AA6DF54B01} => C:\Program Files (x86)\Microsoft Games\Motocross Madness 2\MCM2.EXE [2000-04-30] (Rainbow Multimedia Group, Inc)
Task: {6D560047-9F30-4F99-8667-899E849236BC} - System32\Tasks\{C74FE53C-63BB-4A72-ADD4-52A495EF8A23} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar
Task: {6F47EF89-2FA3-4BEE-A18C-5F609C4D48A3} - System32\Tasks\{2D958B9D-8092-404C-965D-8E2CDF3ECDA4} => C:\Program Files (x86)\Frets on Fire\FretsOnFire.exe
Task: {73AD8B1D-BAE3-4AE1-A2A8-7B06C7FC127F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3896820611-3695378639-3730271298-1001UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-12] (Google Inc.)
Task: {77E01A35-CA59-46EF-B914-98641531CF32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-18] (Google Inc.)
Task: {7A89EB6D-13B2-4CDB-AA44-233411128878} - System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed оn ***** logon => C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe [2014-03-12] (Auslogics)
Task: {9432FEC4-3634-4C20-A0A4-EF8C661DF7DB} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {956BFC75-60E8-4184-9CD4-6869808F3595} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {9902D88E-A47A-41D5-A728-122196F2B87A} - System32\Tasks\{1229CBB2-2EF0-4CA9-8689-AEB79D92E940} => C:\Program Files (x86)\Frets on Fire\FretsOnFire.exe
Task: {A0861D30-55A6-49BF-B9C2-A162DC1FD8B1} - System32\Tasks\{43D7636D-E610-448C-BFB8-98611F72583F} => C:\Program Files (x86)\Frets on Fire\FretsOnFire.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {C89D62DF-9125-4724-B461-52CCD4206BDA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CA301857-F9B6-43EB-8F17-2C99D0556D88} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3896820611-3695378639-3730271298-1001Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-12] (Google Inc.)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3896820611-3695378639-3730271298-1001Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3896820611-3695378639-3730271298-1001UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-01-20 22:25 - 2013-10-29 03:33 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-01-31 14:42 - 2013-01-31 14:42 - 00302200 _____ () C:\Program Files\Macrium\Reflect\ReflectService.exe
2013-07-25 23:02 - 2012-08-01 15:44 - 00139024 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll
2011-12-29 23:35 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-12-26 01:38 - 2011-10-26 18:41 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-03-10 17:30 - 2013-03-10 17:14 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-09 02:18 - 2010-03-09 02:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 02:13 - 2010-03-09 02:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-01-08 09:48 - 2014-04-22 00:55 - 00340480 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-30 16:03 - 2014-04-22 00:55 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2013-03-12 18:10 - 2014-04-01 00:09 - 00754688 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-04-29 15:33 - 2014-04-24 00:01 - 01092288 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-04-29 15:33 - 2014-03-03 21:15 - 20626624 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-04-29 15:33 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-04-29 15:33 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-04-29 15:33 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2011-12-19 01:19 - 2009-05-21 00:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:�DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:�SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\ProgramData\Temp:E18B7D31
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2014 00:37:23 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (04/30/2014 09:04:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (04/30/2014 04:51:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8096
Error: (04/30/2014 04:51:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8096
Error: (04/30/2014 04:51:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/30/2014 04:51:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7098
Error: (04/30/2014 04:51:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7098
Error: (04/30/2014 04:51:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/30/2014 04:51:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6084
Error: (04/30/2014 04:51:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6084
System errors:
=============
Error: (05/03/2014 11:49:18 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfsync02
Error: (05/03/2014 11:49:18 PM) (Source: Service Control Manager) (User: )
Description: Dienst "PinnacleUpdate Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/03/2014 11:46:58 PM) (Source: Application Popup) (User: )
Description: Treiber sfsync02.sys konnte nicht geladen werden.
Error: (04/30/2014 04:05:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (04/30/2014 04:05:02 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (04/30/2014 04:04:50 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfsync02
Error: (04/30/2014 04:04:49 PM) (Source: Service Control Manager) (User: )
Description: Dienst "PinnacleUpdate Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/30/2014 04:01:58 PM) (Source: Application Popup) (User: )
Description: Treiber sfsync02.sys konnte nicht geladen werden.
Error: (04/30/2014 01:31:55 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MEYER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{78C02FF5-46F5-4738-9C17-B03B321B3288}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (04/28/2014 11:30:22 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst UNS erreicht.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 3956.5 MB
Available physical RAM: 2046.41 MB
Total Pagefile: 7911.13 MB
Available Pagefile: 5751.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Fäsdbladde) (Fixed) (Total:452.48 GB) (Free:69.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 00410040)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
Alles auswählen Aufklappen ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-04 00:43:32
Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\TIMHOF~1\AppData\Local\Temp\axddipob.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[2004] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074d31465 2 bytes [D3, 74]
.text C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[2004] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074d314bb 2 bytes [D3, 74]
.text ... * 2
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[2100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074d31465 2 bytes [D3, 74]
.text C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe[2100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074d314bb 2 bytes [D3, 74]
.text ... * 2
.text C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2120] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074d31465 2 bytes [D3, 74]
.text C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2120] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074d314bb 2 bytes [D3, 74]
.text ... * 2
.text C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 00000000729d1a22 2 bytes [9D, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 00000000729d1ad0 2 bytes [9D, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 00000000729d1b08 2 bytes [9D, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 00000000729d1bba 2 bytes [9D, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 00000000729d1bda 2 bytes [9D, 72]
? C:\Windows\system32\mssprxy.dll [2852] entry point in ".rdata" section 00000000717e71e6
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3548] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074d31465 2 bytes [D3, 74]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3548] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074d314bb 2 bytes [D3, 74]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074d31465 2 bytes [D3, 74]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074d314bb 2 bytes [D3, 74]
.text ... * 2
.text C:\Windows\SysWOW64\mmrtkrnl.exe[1628] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000074d31465 2 bytes [D3, 74]
.text C:\Windows\SysWOW64\mmrtkrnl.exe[1628] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000074d314bb 2 bytes [D3, 74]
.text ... * 2
.text C:\Windows\SysWOW64\mmrtkrnl.exe[1628] C:\Windows\SysWOW64\wsock32.dll!setsockopt + 322 00000000729d1a22 2 bytes [9D, 72]
.text C:\Windows\SysWOW64\mmrtkrnl.exe[1628] C:\Windows\SysWOW64\wsock32.dll!setsockopt + 496 00000000729d1ad0 2 bytes [9D, 72]
.text C:\Windows\SysWOW64\mmrtkrnl.exe[1628] C:\Windows\SysWOW64\wsock32.dll!setsockopt + 552 00000000729d1b08 2 bytes [9D, 72]
.text C:\Windows\SysWOW64\mmrtkrnl.exe[1628] C:\Windows\SysWOW64\wsock32.dll!setsockopt + 730 00000000729d1bba 2 bytes [9D, 72]
.text C:\Windows\SysWOW64\mmrtkrnl.exe[1628] C:\Windows\SysWOW64\wsock32.dll!setsockopt + 762 00000000729d1bda 2 bytes [9D, 72]
.text C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074d31465 2 bytes [D3, 74]
.text C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[4160] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074d314bb 2 bytes [D3, 74]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4208] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074d31465 2 bytes [D3, 74]
.text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4208] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074d314bb 2 bytes [D3, 74]
.text ... * 2
.text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[4396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074d31465 2 bytes [D3, 74]
.text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[4396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074d314bb 2 bytes [D3, 74]
.text ... * 2
.text C:\Program Files (x86)\BlueStacks\HD-Agent.exe[4704] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074d31465 2 bytes [D3, 74]
.text C:\Program Files (x86)\BlueStacks\HD-Agent.exe[4704] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074d314bb 2 bytes [D3, 74]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3344] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000074d31465 2 bytes [D3, 74]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3344] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000074d314bb 2 bytes [D3, 74]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread C:\Windows\System32\svchost.exe [5900:4616] 000007fef7239688
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x8C 0xCF 0xEB 0xC6 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x8C 0xCF 0xEB 0xC6 ...
---- EOF - GMER 2.1 ----
Ich bedanke mich schon mal im Voraus und hoffe auf baldige Hilfe.
MfG
Equimon
WARNUNG an die MITLESER: 
Linear-Darstellung
