| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Schwieriger Trojaner?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
16.06.2014, 18:17
| #1 |
| |  Windows 7: Schwieriger Trojaner? also, ich bin mit meinem latein etwas am ende. ich habe schon einiges selbst unternommen. aber am besten der reihe nach. ich merke, dass irgendwas mit meinem rechner nicht stimmt: 1.)  also, dieses _MSBROWSE_ gehört da definitiv nicht hin 2.) seit einiger zeit bekomme ich ständig meldungen, dass der arbeitsspeicher voll ist und dass etwas geschlossen wird 3.) das notebook reagiert nicht mehr flüssig, obwohl ich nicht anderes mache 4.) ich bekomme beim browser (chrome) plötzlich bilder, wo keine hingehören...da ist irgendwas komisch. es werden die falschen grafiken geladen/angezeigt) teilweise ist das html auch verschoben. 5) vor ein paar tagen ist mir aufgefallen, dass plötzlich durchsichtige temp-backups von word-dateien auf dem desktop auftauchen, die ich seit 2011 nicht geöffnet habe. word war zu dem zeitpunkt auch nicht geöffnet.  6.) auf meinem desktop ist ein verzeichnis namens "backups" aufgetaucht. in der schnellleiste im explorer taucht zwischen "musik" und "videos" "Subversion" auf...siehe erstes bild...links...das hab ich auch nicht angelegt. das ist das, was mir im moment auffällt. ich habe vorher norton internet security installiert gehabt...cbe-edition. bin jetzt auf g-data (auch cbe-edition) umgestiegen. meint ihr, der springer-konzern nutzt diese software, um rechner auszuspähen? beide sicherheitsoftwares haben aber keine infektion gemeldet. ich habe Malwarebytes antimalware laufen lassen. nichts dann hijack this: HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:09:32, on 16.06.2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17126) Boot mode: Normal Running processes: C:\Anwendungen\InternetSecurity\AVKTray\AVKTray.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Anwendungen\GREEN BUTTON\GREEN BUTTON.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Anwendungen\Gaming Mouse\Gaming Mouse.exe C:\Anwendungen\Virtual CD v10\System\VC10Play.exe C:\Anwendungen\InternetSecurity\Firewall\GDFirewallTray.exe C:\Anwendungen\Acrobat 11.0\Acrobat\acrotray.exe C:\Anwendungen\Virtual CD v10\System\VC10Tray.exe C:\Anwendungen\Skype\Phone\Skype.exe C:\Users\MarzipanFerkel\Desktop\O-Gaming Stuff\YouScreen.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\Wireless Network Watcher\WNetWatcher.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Anwendungen\SRWare Iron\chrome.exe C:\Users\MarzipanFerkel\Desktop\Anwendungen\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [Gaming Mouse] "C:\Anwendungen\Gaming Mouse\Gaming Mouse.exe" /hide O4 - HKLM\..\Run: [VC10Player] C:\Anwendungen\Virtual CD v10\System\VC10Play.exe O4 - HKLM\..\Run: [GDFirewallTray] C:\Anwendungen\InternetSecurity\Firewall\GDFirewallTray.exe O4 - HKLM\..\Run: [G Data ASM] "C:\Anwendungen\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Anwendungen\Acrobat 11.0\Acrobat\Acrotray.exe" O4 - Startup: Verbatim GREEN BUTTON.lnk = C:\Anwendungen\GREEN BUTTON\GREEN BUTTON.exe O8 - Extra context menu item: An OneNote s&enden - res://C:\ANWEND~1\MICROS~1\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\ANWEND~1\MICROS~1\Office15\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java-Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Anwendungen\ICQ7.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Anwendungen\ICQ7.5\ICQ.exe O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll, C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Anwendungen\InternetSecurity\AVK\AVKService.exe O23 - Service: G Data Dateisystem Wächter (AVKWCtl) - G Data Software AG - C:\Anwendungen\InternetSecurity\AVK\AVKWCtlx64.exe O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe O23 - Service: Dragon Age: Origins - Inhaltsupdater (DAUpdaterSvc) - Unknown owner - C:\Spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe (file missing) O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Anwendungen\InternetSecurity\Firewall\GDFwSvcx64.exe O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Anwendungen\Defrag\oodag.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Anwendungen\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Virtual CD v10 Management Service (VC10SecS) - H+H Software GmbH - C:\Anwendungen\Virtual CD v10\System\VC10SecS.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15179 bytes mich stört eben dieses _MSBROWSE_ was ich gerade entdeckt habe: hxxp://www.boerse.bz/hard-software/sicherheit-und-anonymitaet/1830819-msbrowse.html |
|
16.06.2014, 18:30
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 7: Schwieriger Trojaner? hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
16.06.2014, 19:57
| #3 |
| | Windows 7: Schwieriger Trojaner? ich hab mal ein paar persönliche namen und dateien unkenntlich gemacht...da wird ja wirklich alles aufgelistet
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-06-2014
Ran by XXX (administrator) on XXX9 on 16-06-2014 20:17:53
Running from C:\Users\XXX\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Anwendungen\InternetSecurity\AVK\AVKWCtlx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Anwendungen\InternetSecurity\AVK\AVKService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
() C:\Windows\Runservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(O&O Software GmbH) C:\Anwendungen\Defrag\oodag.exe
(TuneUp Software) C:\Anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(H+H Software GmbH) C:\Anwendungen\Virtual CD v10\System\VC10SecS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(G Data Software AG) C:\Anwendungen\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TuneUp Software) C:\Anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
(G Data Software AG) C:\Anwendungen\InternetSecurity\AVKTray\AVKTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Verbatim) C:\Anwendungen\GREEN BUTTON\GREEN BUTTON.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
() C:\Anwendungen\Gaming Mouse\Gaming Mouse.exe
(H+H Software GmbH) C:\Anwendungen\Virtual CD v10\System\VC10Play.exe
(G Data Software AG) C:\Anwendungen\InternetSecurity\Firewall\GDFirewallTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Adobe Systems Inc.) C:\Anwendungen\Acrobat 11.0\Acrobat\acrotray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(H+H Software GmbH) C:\Anwendungen\Virtual CD v10\System\vc10tray.exe
(Skype Technologies S.A.) C:\Anwendungen\Skype\Phone\Skype.exe
() C:\Users\XXX\Desktop\O-Gaming Stuff\YouScreen.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe
() C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepolisBot2.exe
() C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepolisBot2.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [Gaming Mouse] => C:\Anwendungen\Gaming Mouse\Gaming Mouse.exe [1306624 2009-09-30] ()
HKLM-x32\...\Run: [VC10Player] => C:\Anwendungen\Virtual CD v10\System\VC10Play.exe [411976 2011-05-20] (H+H Software GmbH)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Anwendungen\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [G Data ASM] => C:\Anwendungen\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [431224 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Anwendungen\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Anwendungen\InternetSecurity\AVKTray\AVKTray.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {1f1db06e-a5ce-11e0-8e63-1c7508461236} - G:\AutoRun.exe
HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {1f1db075-a5ce-11e0-8e63-1c7508461236} - I:\AutoRun.exe
HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {1f1db0a8-a5ce-11e0-8e63-1c7508461236} - G:\AutoRun.exe
HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {1f1db0aa-a5ce-11e0-8e63-1c7508461236} - G:\AutoRun.exe
HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {1f1db0ad-a5ce-11e0-8e63-1c7508461236} - H:\AutoRun.exe
HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {79e9bbea-c377-11e0-97c9-1c7508461236} - H:\LGAutoRun.exe
HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {a7d8b4f2-5772-11e0-8658-1c7508461236} - E:\setup.exe
HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {d10e2075-5cf7-11e0-a02f-1c7508461236} - G:\AutoRun.exe
HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {d10e2079-5cf7-11e0-a02f-1c7508461236} - G:\AutoRun.exe
HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {ef337489-ac81-11e0-82fb-1c7508461236} - G:\AutoRun.exe
HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {ef33748d-ac81-11e0-82fb-1c7508461236} - G:\AutoRun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)
Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verbatim GREEN BUTTON.lnk
ShortcutTarget: Verbatim GREEN BUTTON.lnk -> C:\Anwendungen\GREEN BUTTON\GREEN BUTTON.exe (Verbatim)
BootExecute: autocheck autochk * OODBS
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.de/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {43A38C7F-A448-4B05-AB15-E35F48D8AAD1} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {351619BE-1546-4D08-BF21-9C15FCD0D65B} URL = hxxp://www.computerbild.de/suche/index.html?s_text={searchTerms}
SearchScopes: HKCU - {43A38C7F-A448-4B05-AB15-E35F48D8AAD1} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {9DD1A6C5-E41C-43E9-B6E4-129A9FEF5DEC} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Anwendungen\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Anwendungen\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Anwendungen\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Anwendungen\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default
FF DefaultSearchEngine: Google Deutschland
FF SelectedSearchEngine: Google Deutschland
FF Keyword.URL: hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10001&q=
FF NetworkProxy: "backup.ftp", "173.201.95.24"
FF NetworkProxy: "backup.ftp_port", 80
FF NetworkProxy: "backup.socks", "173.201.95.24"
FF NetworkProxy: "backup.socks_port", 80
FF NetworkProxy: "backup.ssl", "173.201.95.24"
FF NetworkProxy: "backup.ssl_port", 80
FF NetworkProxy: "ftp", "192.227.139.215"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "192.227.139.215"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "192.227.139.215"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "socks_version", 4
FF NetworkProxy: "ssl", "192.227.139.215"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\ANWEND~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Anwendungen\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Anwendungen\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Anwendungen\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Anwendungen\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Anwendungen\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Anwendungen\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Anwendungen\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\XXX\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\XXX\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\searchplugins\google-deutschland---auf-deutsch.xml
FF SearchPlugin: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\searchplugins\google-deutschland---aus-deutschland.xml
FF SearchPlugin: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\searchplugins\google-deutschland---nicht-personalisiert.xml
FF SearchPlugin: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\searchplugins\google-deutschland.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\donottrackplus@abine.com [2014-06-12]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65} [2012-09-16]
FF Extension: WOT - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-16]
FF Extension: DownloadHelper - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-01]
FF Extension: Proxy-Listen.de - Proxyswitcher - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\admin@proxy-listen.de.xpi [2014-05-01]
FF Extension: Firebug - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\firebug@software.joehewitt.com.xpi [2013-08-02]
FF Extension: Flagfox - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-12]
FF Extension: ScrapBook - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2013-08-02]
FF Extension: NoScript - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-08-02]
FF Extension: Adblock Plus - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-02]
FF Extension: DownThemAll! - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-08-02]
FF Extension: Adobe Acrobat - Create PDF - C:\Anwendungen\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-06-08]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Anwendungen\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Anwendungen\DivX\DivX Plus Web Player\firefox\html5video [2011-02-19]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Anwendungen\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Anwendungen\DivX\DivX Plus Web Player\firefox\wpa [2011-02-19]
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Anwendungen\Babylon-Pro\Utils\ocr@babylon.com
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Anwendungen\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Anwendungen\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-06-08]
FF StartMenuInternet: FIREFOX.EXE - C:\Anwendungen\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR DefaultSearchURL: hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR Plugin: (Shockwave Flash) - C:\Users\XXX\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Anwendungen\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Anwendungen\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Anwendungen\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (DivX Web Player) - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\XXX\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\XXX\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll ()
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Anwendungen\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (VLC Multimedia Plug-in) - C:\Anwendungen\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\XXX\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Adblock Plus) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2011-11-21]
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-06-09]
CHR Extension: (DivX HiQ) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-09-15]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-09-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Anwendungen\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Anwendungen\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Anwendungen\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
==================== Services (Whitelisted) =================
Locked "vdrv1000" service was unlocked successfully. <===== ATTENTION
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Anwendungen\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Anwendungen\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R3 GDFwSvc; C:\Anwendungen\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 LicCtrlService; C:\Windows\runservice.exe [2560 2012-11-19] () [File not signed]
S4 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
S4 nTuneService; C:\Anwendungen\nTune\nTuneService.exe [276584 2010-03-22] (NVIDIA)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 OODefragAgent; C:\Anwendungen\Defrag\oodag.exe [3140424 2010-09-30] (O&O Software GmbH)
S2 SkypeUpdate; C:\Anwendungen\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TGCM_ImportWiFiSvc; C:\Anwendungen\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)
R2 TuneUp.UtilitiesSvc; C:\Anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [1974080 2010-10-26] (TuneUp Software)
S4 UpdateCenterService; C:\Anwendungen\System Update\UpdateCenterService.exe [282728 2009-11-06] (NVIDIA)
R2 VC10SecS; C:\Anwendungen\Virtual CD v10\System\VC10SecS.exe [144712 2011-05-20] (H+H Software GmbH)
S3 DAUpdaterSvc; C:\Spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [X]
==================== Drivers (Whitelisted) ====================
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-03-09] ()
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-06-06] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2014-06-06] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [68608 2014-06-06] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-06-06] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-06-07] (G Data Software)
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2014-06-06] (G Data Software AG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-03-09] ()
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SjtWinIo; C:\Windows\System32\DRIVERS\SjtWinIo.sys [9216 2011-01-23] (SpeedJet Technology INC.)
R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )
S3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [34040 2011-10-05] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-01-22] () [File not signed]
R3 TuneUpUtilitiesDrv; C:\Anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [11856 2010-10-07] (TuneUp Software)
R1 vdrv1000; C:\Windows\System32\DRIVERS\vdrv1000.sys [223256 2011-04-19] (H+H Software GmbH)
S3 ALSysIO; \??\C:\Users\MARZIP~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-16 20:17 - 2014-06-16 20:21 - 00032859 _____ () C:\Users\XXX\Downloads\FRST.txt
2014-06-16 20:17 - 2014-06-16 20:18 - 00000000 ____D () C:\FRST
2014-06-16 20:16 - 2014-06-16 20:16 - 02081280 _____ (Farbar) C:\Users\XXX\Downloads\FRST64.exe
2014-06-16 18:32 - 2014-06-16 18:32 - 00000000 ____D () C:\Users\XXX\AppData\Local\Adobe
2014-06-15 15:43 - 2014-06-15 15:43 - 07374613 _____ () C:\Users\XXX\Downloads\sherlock_lost_files_serrated.zip
2014-06-15 15:29 - 2014-06-15 15:30 - 04200000 _____ () C:\Users\XXX\Downloads\holmes.part1.zip
2014-06-15 15:29 - 2014-06-15 15:30 - 02982576 _____ () C:\Users\XXX\Downloads\holmes.part2.zip
2014-06-14 23:51 - 2014-06-14 23:51 - 02380600 _____ () C:\Users\XXX\Downloads\24681_game_extra_1.zip
2014-06-14 23:35 - 2014-06-14 23:35 - 02217975 _____ () C:\Users\XXX\Downloads\Wizzardry7.zip
2014-06-14 21:06 - 2014-06-14 21:06 - 01694763 _____ () C:\Users\XXX\Downloads\civ.zip
2014-06-14 21:00 - 2014-06-14 21:00 - 01802770 _____ () C:\Users\XXX\Downloads\civilization (1).zip
2014-06-14 20:59 - 2014-06-14 20:59 - 01802770 _____ () C:\Users\XXX\Downloads\civilization.zip
2014-06-11 18:33 - 2014-06-11 18:34 - 00000295 _____ () C:\Users\XXX\Downloads\BK_AUME_000495DE_LC_128_44100_ste_A2A7Y020DG6BFH.adh
2014-06-11 14:32 - 2014-06-16 18:21 - 00000357 _____ () C:\Users\XXX\Desktop\CB1314CD (D) 0 Bytes.lnk
2014-06-11 14:23 - 2014-06-11 14:24 - 00000000 ____D () C:\Users\XXX\Desktop\Dokumente 2014
2014-06-11 13:00 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 13:00 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 13:00 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 13:00 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 13:00 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 13:00 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 13:00 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 13:00 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 13:00 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 13:00 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 13:00 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 13:00 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 13:00 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 13:00 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 13:00 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 13:00 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 13:00 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 12:59 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 12:59 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 12:59 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 12:59 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 12:59 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 12:59 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 12:59 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 12:59 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 12:59 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 12:59 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 12:59 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 12:59 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 12:59 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 12:59 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 12:59 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 12:59 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 12:59 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 12:59 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 12:59 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 12:59 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 12:59 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 12:59 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 12:59 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 12:59 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 12:59 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 12:59 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 12:59 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 12:59 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 12:59 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 12:59 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 12:59 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 12:59 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 12:59 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 12:59 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 12:59 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 12:59 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 12:59 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 12:59 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 12:59 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 12:59 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 12:59 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 12:59 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 12:59 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 12:59 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 12:59 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 12:59 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 12:59 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 12:59 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 12:59 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 12:57 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 12:57 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-09 20:35 - 2014-06-09 20:35 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-06-09 20:34 - 2014-06-09 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-06-09 00:31 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-09 00:31 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-09 00:31 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-09 00:31 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-09 00:30 - 2014-06-09 00:31 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-09 00:24 - 2014-06-09 00:26 - 00918952 _____ (Oracle Corporation) C:\Users\XXX\Downloads\chromeinstall-7u60.exe
2014-06-08 16:35 - 2014-06-08 16:40 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-06-08 16:35 - 2014-06-08 16:40 - 00001959 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-06-08 16:35 - 2014-06-08 16:40 - 00001798 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-06-07 16:51 - 2014-06-07 16:51 - 00272423 _____ () C:\Users\XXX\Downloads\wifiinfoview160.zip
2014-06-07 16:49 - 2014-06-08 12:42 - 00000000 ____D () C:\Users\XXX\Desktop\274_0706
2014-06-07 16:41 - 2014-06-07 16:42 - 00000000 ____D () C:\Users\XXX\AppData\Local\MetaGeek,_LLC
2014-06-07 16:35 - 2014-06-07 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2014-06-07 16:14 - 2014-06-07 16:30 - 04767744 _____ () C:\Users\XXX\Downloads\inSSIDer3121-installer.msi
2014-06-07 15:11 - 2014-06-07 15:11 - 00304384 _____ () C:\Users\XXX\Downloads\wnetwatcher_setup.exe
2014-06-07 15:11 - 2014-06-07 15:11 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2014-06-07 14:52 - 2014-06-07 14:55 - 00710040 _____ () C:\Users\XXX\Downloads\download-wireless-watch.exe
2014-06-07 14:29 - 2014-06-07 14:29 - 00000000 ____D () C:\Users\XXX\Desktop\backups
2014-06-07 14:23 - 2014-06-07 14:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\XXX\Downloads\HiJackThis204 (1).exe
2014-06-07 07:31 - 2014-06-07 07:31 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2014-06-07 07:31 - 2014-06-07 07:31 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2014-06-06 20:23 - 2014-06-06 20:23 - 00000000 ___HD () C:\MyWinLockerData
2014-06-06 19:33 - 2014-06-06 19:33 - 00068608 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2014-06-06 19:33 - 2014-06-06 19:33 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2014-06-06 19:33 - 2014-06-06 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE
2014-06-06 19:32 - 2014-06-06 19:32 - 00000000 _____ () C:\Users\XXX\AppData\Roaming\gdfw.log
2014-06-06 19:31 - 2014-06-06 19:31 - 00135168 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-06-06 19:31 - 2014-06-06 19:31 - 00065024 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2014-06-06 19:31 - 2014-06-06 19:31 - 00057344 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-06-06 19:31 - 2014-06-06 19:31 - 00000779 _____ () C:\Users\XXX\AppData\Roaming\gdscan.log
2014-06-06 19:14 - 2014-06-06 20:15 - 00000000 ____D () C:\ProgramData\G Data
2014-06-05 23:04 - 2014-06-05 23:04 - 05128525 _____ () C:\Users\XXX\Downloads\hexuma_man.7z
2014-06-05 22:51 - 2014-06-05 22:51 - 01792866 _____ () C:\Users\XXX\Downloads\hexuma-das-auge-des-kal.zip
2014-06-05 18:56 - 2014-06-05 22:03 - 00000000 ____D () C:\Users\XXX\Documents\panzertacticshd
2014-06-05 18:06 - 2014-06-05 18:15 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-05 18:02 - 2014-06-05 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bitComposer Games
2014-06-05 12:31 - 2014-06-05 13:24 - 401627384 _____ () C:\Users\XXX\Downloads\XXX
2014-06-03 23:15 - 2014-06-03 23:16 - 07256099 _____ () C:\Users\XXX\Downloads\on-the-ball-world-cup-edition.zip
2014-06-02 23:46 - 2014-06-02 23:48 - 42015633 _____ () C:\Users\XXX\Downloads\ADC_Series_EyeOfTheBeholder.7z
2014-06-02 23:01 - 2014-06-02 23:04 - 55482340 _____ () C:\Users\XXX\Downloads\ADC_Series_Ishar.7z
2014-06-02 15:28 - 2014-06-02 15:31 - 48609097 _____ () C:\Users\XXX\Downloads\ADC_Series_Thalion.7z
2014-06-02 15:26 - 2014-06-02 15:26 - 05672195 _____ () C:\Users\XXX\Downloads\ADC_!base!.7z
2014-06-02 13:06 - 2014-06-02 14:09 - 00000000 ____D () C:\Users\XXX\Desktop\273_0206
2014-06-01 17:34 - 2014-06-01 17:34 - 00000717 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein The New Order.lnk
2014-06-01 10:23 - 2014-06-01 10:26 - 00000000 ____D () C:\Users\XXX\Desktop\Bilder
2014-06-01 10:20 - 2014-06-01 10:20 - 00106031 _____ () C:\Users\XXX\Downloads\usbdeview-x64.zip
2014-06-01 01:36 - 2014-06-16 18:19 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-06-01 01:36 - 2014-06-16 18:19 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-05-30 13:24 - 2014-05-30 13:24 - 01250152 _____ () C:\Users\XXX\Downloads\Amberstar.zip
2014-05-29 21:40 - 2014-05-29 21:43 - 07355793 _____ () C:\Users\XXX\Downloads\aorCampaignsPack.rar
2014-05-29 21:37 - 2014-05-29 21:43 - 28245690 _____ () C:\Users\XXX\Downloads\aorScenariosPack.rar
2014-05-29 20:38 - 2014-05-29 20:38 - 01821774 _____ () C:\Users\XXX\Downloads\wargame-construction-set-ii-tanks.zip
2014-05-29 19:22 - 2014-05-29 19:23 - 09308413 _____ () C:\Users\XXX\Downloads\sid-meiers-railroad-tycoon-deluxe.zip
2014-05-29 18:34 - 2014-05-29 18:34 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\NVIDIA
2014-05-29 18:32 - 2014-05-29 18:33 - 04857538 _____ () C:\Users\XXX\Downloads\lords-of-the-realm.zip
2014-05-29 16:05 - 2014-05-29 16:05 - 02702643 _____ () C:\Users\XXX\Downloads\empire-deluxe.zip
2014-05-29 12:51 - 2014-05-29 12:52 - 08214483 _____ () C:\Users\XXX\Downloads\empire-ii-the-art-of-war.zip
2014-05-29 12:10 - 2014-05-29 12:10 - 04007747 _____ () C:\Users\XXX\Downloads\dune-ii-the-building-of-a-dynasty.zip
2014-05-29 11:59 - 2014-05-29 12:00 - 13858942 _____ () C:\Users\XXX\Downloads\crusade.zip
2014-05-29 11:27 - 2014-05-29 11:27 - 09658277 _____ () C:\Users\XXX\Downloads\crisis-in-the-kremlin.zip
2014-05-29 11:20 - 2014-05-29 11:20 - 01009024 _____ () C:\Users\XXX\Downloads\clash-of-steel-world-war-ii-europe-1939-45.zip
2014-05-29 11:10 - 2014-05-29 11:10 - 00475637 _____ () C:\Users\XXX\Downloads\bush-buck-global-treasure-hunter.zip
2014-05-29 10:20 - 2014-05-29 10:21 - 14769279 _____ () C:\Users\XXX\Downloads\Windows 3 for DOSBox.rar
2014-05-29 10:09 - 2014-05-29 10:09 - 00134198 _____ () C:\Users\XXX\Downloads\balance-of-power-the-1990-edition.zip
2014-05-28 18:53 - 2014-05-28 18:54 - 15259203 _____ () C:\Users\XXX\Downloads\fmc_db_mp_europa (2).exe
2014-05-27 20:03 - 2014-05-27 20:03 - 00000000 ____D () C:\Users\XXX\Documents\FIFA MANAGER 13
2014-05-24 22:05 - 2014-05-24 22:05 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grandy Games
2014-05-24 22:05 - 2014-05-24 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grandy Games
2014-05-24 22:01 - 2000-05-16 10:40 - 00083968 _____ () C:\Windows\UnGins.exe
2014-05-24 22:01 - 2000-03-07 00:00 - 00473600 _____ () C:\Windows\SysWOW64\Harmony.dll
2014-05-24 22:01 - 2000-03-07 00:00 - 00237568 _____ () C:\Windows\SysWOW64\Unlha32.dll
2014-05-24 11:59 - 2014-05-24 11:59 - 00196754 _____ () C:\Users\XXX\Downloads\msvcp110.zip
2014-05-23 11:17 - 2014-05-23 11:19 - 00005449 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-23 11:11 - 2014-05-23 11:11 - 00921512 _____ (Oracle Corporation) C:\Users\XXX\Downloads\chromeinstall-7u55.exe
2014-05-18 10:55 - 2014-05-18 10:55 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-05-18 10:48 - 2014-05-18 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2014-05-18 10:45 - 2014-05-18 10:46 - 02773664 _____ (Crystal Dew World ) C:\Users\XXX\Downloads\CrystalDiskInfo6_1_12-en.exe
2014-05-17 00:42 - 2014-05-17 00:42 - 02296616 _____ () C:\Users\XXX\Downloads\GrepolisBot2_v2.61.0.1.zip
==================== One Month Modified Files and Folders =======
2014-06-16 20:22 - 2012-11-24 21:32 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Skype
2014-06-16 20:21 - 2014-06-16 20:17 - 00032859 _____ () C:\Users\XXX\Downloads\FRST.txt
2014-06-16 20:21 - 2011-01-22 17:15 - 00000000 ____D () C:\Users\XXX\AppData\Local\Temp
2014-06-16 20:18 - 2014-06-16 20:17 - 00000000 ____D () C:\FRST
2014-06-16 20:16 - 2014-06-16 20:16 - 02081280 _____ (Farbar) C:\Users\XXX\Downloads\FRST64.exe
2014-06-16 19:27 - 2013-11-08 01:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-16 19:09 - 2011-02-05 04:13 - 00000000 ___RD () C:\Users\XXX\Desktop\Anwendungen
2014-06-16 18:32 - 2014-06-16 18:32 - 00000000 ____D () C:\Users\XXX\AppData\Local\Adobe
2014-06-16 18:24 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-16 18:24 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-16 18:21 - 2014-06-11 14:32 - 00000357 _____ () C:\Users\XXX\Desktop\CB1314CD (D) 0 Bytes.lnk
2014-06-16 18:21 - 2011-01-04 02:32 - 01190413 _____ () C:\Windows\WindowsUpdate.log
2014-06-16 18:19 - 2014-06-01 01:36 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-06-16 18:19 - 2014-06-01 01:36 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-06-16 18:18 - 2012-11-19 03:53 - 00000849 ___SH () C:\Windows\SysWOW64\mmf.sys
2014-06-16 18:18 - 2009-07-14 06:51 - 00130980 _____ () C:\Windows\setupact.log
2014-06-16 18:17 - 2011-03-21 15:22 - 00455918 _____ () C:\Windows\system32\oodbs.lor
2014-06-16 18:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-16 17:59 - 2011-02-11 21:16 - 00003994 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{06B47730-2E11-4EAC-860F-3E454C1893A3}
2014-06-16 15:45 - 2013-10-20 20:32 - 00000000 ____D () C:\Users\XXX\AppData\Local\JDownloader v2.0
2014-06-16 09:55 - 2011-01-04 11:23 - 00710750 _____ () C:\Windows\system32\perfh007.dat
2014-06-16 09:55 - 2011-01-04 11:23 - 00155048 _____ () C:\Windows\system32\perfc007.dat
2014-06-16 09:55 - 2009-07-14 07:13 - 01651678 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-16 00:42 - 2013-05-06 01:17 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Spotify
2014-06-15 15:43 - 2014-06-15 15:43 - 07374613 _____ () C:\Users\XXX\Downloads\sherlock_lost_files_serrated.zip
2014-06-15 15:30 - 2014-06-15 15:29 - 04200000 _____ () C:\Users\XXX\Downloads\holmes.part1.zip
2014-06-15 15:30 - 2014-06-15 15:29 - 02982576 _____ () C:\Users\XXX\Downloads\holmes.part2.zip
2014-06-14 23:51 - 2014-06-14 23:51 - 02380600 _____ () C:\Users\XXX\Downloads\24681_game_extra_1.zip
2014-06-14 23:35 - 2014-06-14 23:35 - 02217975 _____ () C:\Users\XXX\Downloads\Wizzardry7.zip
2014-06-14 21:31 - 2011-02-04 13:28 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-14 21:06 - 2014-06-14 21:06 - 01694763 _____ () C:\Users\XXX\Downloads\civ.zip
2014-06-14 21:00 - 2014-06-14 21:00 - 01802770 _____ () C:\Users\XXX\Downloads\civilization (1).zip
2014-06-14 20:59 - 2014-06-14 20:59 - 01802770 _____ () C:\Users\XXX\Downloads\civilization.zip
2014-06-13 20:47 - 2011-04-28 16:31 - 00000000 ____D () C:\Users\XXX\Desktop\XXX
2014-06-12 17:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-11 19:34 - 2013-01-12 05:54 - 00000000 ____D () C:\Windows\rescache
2014-06-11 18:48 - 2013-01-07 02:19 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\vlc
2014-06-11 18:34 - 2014-06-11 18:33 - 00000295 _____ () C:\Users\XXX\Downloads\BK_AUME_000495DE_LC_128_44100_ste_A2A7Y020DG6BFH.adh
2014-06-11 14:24 - 2014-06-11 14:23 - 00000000 ____D () C:\Users\XXX\Desktop\Dokumente 2014
2014-06-11 14:06 - 2013-09-16 03:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 14:00 - 2014-04-24 01:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-11 14:00 - 2011-05-15 21:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 14:00 - 2011-02-11 12:55 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 13:51 - 2014-04-27 10:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 13:36 - 2012-11-02 17:41 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Canon
2014-06-10 20:25 - 2011-03-16 00:43 - 00000000 ____D () C:\Users\XXX\Documents\DAModder
2014-06-09 20:39 - 2011-02-05 04:13 - 00000000 ___RD () C:\Users\XXX\Desktop\Spiele
2014-06-09 20:35 - 2014-06-09 20:35 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-06-09 20:34 - 2014-06-09 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-06-09 11:59 - 2012-10-29 01:08 - 00000000 ____D () C:\Users\XXX\AppData\Local\CrashDumps
2014-06-09 10:47 - 2009-07-14 06:45 - 04998952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-09 10:42 - 2011-01-04 02:29 - 02261914 _____ () C:\Windows\PFRO.log
2014-06-09 00:32 - 2013-10-27 10:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-09 00:31 - 2014-06-09 00:30 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-09 00:31 - 2013-07-04 19:42 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-09 00:26 - 2014-06-09 00:24 - 00918952 _____ (Oracle Corporation) C:\Users\XXX\Downloads\chromeinstall-7u60.exe
2014-06-08 21:25 - 2011-01-22 17:16 - 00112720 _____ () C:\Users\XXX\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-08 16:51 - 2011-05-30 22:38 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-06-08 16:40 - 2014-06-08 16:35 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-06-08 16:40 - 2014-06-08 16:35 - 00001959 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-06-08 16:40 - 2014-06-08 16:35 - 00001798 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-06-08 16:34 - 2011-01-22 23:46 - 00000000 ____D () C:\Anwendungen
2014-06-08 16:23 - 2010-08-30 11:26 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-08 14:13 - 2014-04-16 09:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-08 14:06 - 2010-08-30 11:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-08 12:42 - 2014-06-07 16:49 - 00000000 ____D () C:\Users\XXX\Desktop\274_0706
2014-06-08 11:13 - 2014-06-11 12:57 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 12:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 10:19 - 2012-11-24 21:31 - 00000000 ____D () C:\ProgramData\Skype
2014-06-07 22:29 - 2011-03-20 04:07 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\TuneUp Software
2014-06-07 21:06 - 2013-08-18 02:09 - 00000000 ____D () C:\Users\XXX\Documents\Calibre-Bibliothek
2014-06-07 16:51 - 2014-06-07 16:51 - 00272423 _____ () C:\Users\XXX\Downloads\wifiinfoview160.zip
2014-06-07 16:42 - 2014-06-07 16:41 - 00000000 ____D () C:\Users\XXX\AppData\Local\MetaGeek,_LLC
2014-06-07 16:36 - 2014-06-07 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2014-06-07 16:30 - 2014-06-07 16:14 - 04767744 _____ () C:\Users\XXX\Downloads\inSSIDer3121-installer.msi
2014-06-07 15:11 - 2014-06-07 15:11 - 00304384 _____ () C:\Users\XXX\Downloads\wnetwatcher_setup.exe
2014-06-07 15:11 - 2014-06-07 15:11 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2014-06-07 14:55 - 2014-06-07 14:52 - 00710040 _____ () C:\Users\XXX\Downloads\download-wireless-watch.exe
2014-06-07 14:29 - 2014-06-07 14:29 - 00000000 ____D () C:\Users\XXX\Desktop\backups
2014-06-07 14:23 - 2014-06-07 14:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\XXX\Downloads\HiJackThis204 (1).exe
2014-06-07 07:37 - 2011-06-01 18:38 - 00000000 ____D () C:\ProgramData\Rosetta Stone
2014-06-07 07:31 - 2014-06-07 07:31 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2014-06-07 07:31 - 2014-06-07 07:31 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2014-06-07 07:16 - 2013-12-22 22:05 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-06-06 21:45 - 2011-11-28 19:35 - 00000000 ____D () C:\Users\XXX\AppData\Local\Audible
2014-06-06 20:23 - 2014-06-06 20:23 - 00000000 ___HD () C:\MyWinLockerData
2014-06-06 20:23 - 2010-08-30 11:24 - 00000000 ____D () C:\Program Files (x86)\EgisTec MyWinLocker
2014-06-06 20:15 - 2014-06-06 19:14 - 00000000 ____D () C:\ProgramData\G Data
2014-06-06 19:33 - 2014-06-06 19:33 - 00068608 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2014-06-06 19:33 - 2014-06-06 19:33 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2014-06-06 19:33 - 2014-06-06 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE
2014-06-06 19:32 - 2014-06-06 19:32 - 00000000 _____ () C:\Users\XXX\AppData\Roaming\gdfw.log
2014-06-06 19:31 - 2014-06-06 19:31 - 00135168 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-06-06 19:31 - 2014-06-06 19:31 - 00065024 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2014-06-06 19:31 - 2014-06-06 19:31 - 00057344 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-06-06 19:31 - 2014-06-06 19:31 - 00000779 _____ () C:\Users\XXX\AppData\Roaming\gdscan.log
2014-06-06 19:31 - 2011-01-04 02:49 - 00006754 _____ () C:\Windows\DPINST.LOG
2014-06-06 18:26 - 2011-10-25 17:19 - 00000000 ____D () C:\ProgramData\Norton
2014-06-05 23:04 - 2014-06-05 23:04 - 05128525 _____ () C:\Users\XXX\Downloads\hexuma_man.7z
2014-06-05 22:51 - 2014-06-05 22:51 - 01792866 _____ () C:\Users\XXX\Downloads\hexuma-das-auge-des-kal.zip
2014-06-05 22:03 - 2014-06-05 18:56 - 00000000 ____D () C:\Users\XXX\Documents\panzertacticshd
2014-06-05 18:56 - 2011-03-24 21:37 - 00000000 ____D () C:\Users\XXX\AppData\Local\SKIDROW
2014-06-05 18:15 - 2014-06-05 18:06 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-05 18:02 - 2014-06-05 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bitComposer Games
2014-06-05 13:24 - 2014-06-05 12:31 - 401627384 _____ () C:\Users\XXX\Downloads\XXX
2014-06-04 22:06 - 2014-04-16 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-03 23:16 - 2014-06-03 23:15 - 07256099 _____ () C:\Users\XXX\Downloads\on-the-ball-world-cup-edition.zip
2014-06-03 02:43 - 2013-09-11 17:29 - 00000000 ____D () C:\Users\XXX\Desktop\O-Gaming Stuff
2014-06-02 23:48 - 2014-06-02 23:46 - 42015633 _____ () C:\Users\XXX\Downloads\ADC_Series_EyeOfTheBeholder.7z
2014-06-02 23:47 - 2013-05-06 01:22 - 00000000 ____D () C:\Users\XXX\AppData\Local\Spotify
2014-06-02 23:04 - 2014-06-02 23:01 - 55482340 _____ () C:\Users\XXX\Downloads\ADC_Series_Ishar.7z
2014-06-02 15:31 - 2014-06-02 15:28 - 48609097 _____ () C:\Users\XXX\Downloads\ADC_Series_Thalion.7z
2014-06-02 15:26 - 2014-06-02 15:26 - 05672195 _____ () C:\Users\XXX\Downloads\ADC_!base!.7z
2014-06-02 14:09 - 2014-06-02 13:06 - 00000000 ____D () C:\Users\XXX\Desktop\273_0206
2014-06-01 17:34 - 2014-06-01 17:34 - 00000717 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein The New Order.lnk
2014-06-01 16:59 - 2011-01-22 22:20 - 00000000 ____D () C:\Spiele
2014-06-01 10:27 - 2011-02-05 04:14 - 00000000 ___RD () C:\Users\XXX\Desktop\XXX
2014-06-01 10:26 - 2014-06-01 10:23 - 00000000 ____D () C:\Users\XXX\Desktop\Bilder
2014-06-01 10:20 - 2014-06-01 10:20 - 00106031 _____ () C:\Users\XXX\Downloads\usbdeview-x64.zip
2014-05-30 13:24 - 2014-05-30 13:24 - 01250152 _____ () C:\Users\XXX\Downloads\Amberstar.zip
2014-05-30 12:21 - 2014-06-11 12:59 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 12:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 12:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 12:59 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 12:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 12:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 12:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 12:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 12:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 12:59 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 12:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 12:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 12:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 12:59 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 12:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 12:59 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 12:59 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 12:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 12:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 12:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 12:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 12:59 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 12:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 12:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 13:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 12:59 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 12:59 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 12:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 12:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 12:59 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 12:59 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 12:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 13:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 12:59 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 12:59 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 12:59 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 12:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 12:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 13:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 12:59 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 12:59 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 12:59 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 12:59 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 12:59 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 12:59 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 12:59 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 12:59 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 12:59 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 12:59 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 12:59 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 12:59 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 12:59 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 21:43 - 2014-05-29 21:40 - 07355793 _____ () C:\Users\XXX\Downloads\aorCampaignsPack.rar
2014-05-29 21:43 - 2014-05-29 21:37 - 28245690 _____ () C:\Users\XXX\Downloads\aorScenariosPack.rar
2014-05-29 20:38 - 2014-05-29 20:38 - 01821774 _____ () C:\Users\XXX\Downloads\wargame-construction-set-ii-tanks.zip
2014-05-29 19:23 - 2014-05-29 19:22 - 09308413 _____ () C:\Users\XXX\Downloads\sid-meiers-railroad-tycoon-deluxe.zip
2014-05-29 18:34 - 2014-05-29 18:34 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\NVIDIA
2014-05-29 18:33 - 2014-05-29 18:32 - 04857538 _____ () C:\Users\XXX\Downloads\lords-of-the-realm.zip
2014-05-29 16:05 - 2014-05-29 16:05 - 02702643 _____ () C:\Users\XXX\Downloads\empire-deluxe.zip
2014-05-29 12:52 - 2014-05-29 12:51 - 08214483 _____ () C:\Users\XXX\Downloads\empire-ii-the-art-of-war.zip
2014-05-29 12:10 - 2014-05-29 12:10 - 04007747 _____ () C:\Users\XXX\Downloads\dune-ii-the-building-of-a-dynasty.zip
2014-05-29 12:00 - 2014-05-29 11:59 - 13858942 _____ () C:\Users\XXX\Downloads\crusade.zip
2014-05-29 11:27 - 2014-05-29 11:27 - 09658277 _____ () C:\Users\XXX\Downloads\crisis-in-the-kremlin.zip
2014-05-29 11:20 - 2014-05-29 11:20 - 01009024 _____ () C:\Users\XXX\Downloads\clash-of-steel-world-war-ii-europe-1939-45.zip
2014-05-29 11:10 - 2014-05-29 11:10 - 00475637 _____ () C:\Users\XXX\Downloads\bush-buck-global-treasure-hunter.zip
2014-05-29 10:21 - 2014-05-29 10:20 - 14769279 _____ () C:\Users\XXX\Downloads\Windows 3 for DOSBox.rar
2014-05-29 10:09 - 2014-05-29 10:09 - 00134198 _____ () C:\Users\XXX\Downloads\balance-of-power-the-1990-edition.zip
2014-05-28 20:12 - 2013-02-20 20:10 - 00000000 ____D () C:\Users\XXX\Documents\FUSSBALL MANAGER 13
2014-05-28 18:54 - 2014-05-28 18:53 - 15259203 _____ () C:\Users\XXX\Downloads\fmc_db_mp_europa (2).exe
2014-05-28 00:00 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-27 23:59 - 2012-09-16 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-05-27 20:07 - 2013-07-03 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-05-27 20:03 - 2014-05-27 20:03 - 00000000 ____D () C:\Users\XXX\Documents\FIFA MANAGER 13
2014-05-27 19:50 - 2011-01-04 02:59 - 00663779 _____ () C:\Windows\DirectX.log
2014-05-26 22:53 - 2011-01-29 05:01 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-24 22:05 - 2014-05-24 22:05 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grandy Games
2014-05-24 22:05 - 2014-05-24 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grandy Games
2014-05-24 16:54 - 2012-10-09 15:39 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\dvdcss
2014-05-24 11:59 - 2014-05-24 11:59 - 00196754 _____ () C:\Users\XXX\Downloads\msvcp110.zip
2014-05-23 11:19 - 2014-05-23 11:17 - 00005449 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-23 11:11 - 2014-05-23 11:11 - 00921512 _____ (Oracle Corporation) C:\Users\XXX\Downloads\chromeinstall-7u55.exe
2014-05-23 01:17 - 2014-04-27 14:55 - 00000000 ____D () C:\Users\XXX\AppData\Local\NVIDIA
2014-05-20 22:08 - 2011-01-22 17:17 - 00000000 ___RD () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 22:08 - 2011-01-22 17:17 - 00000000 ___RD () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 21:10 - 2009-07-14 04:34 - 00000489 _____ () C:\Windows\win.ini
2014-05-20 21:05 - 2012-06-26 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2014-05-18 11:00 - 2013-01-09 14:14 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\.minecraft
2014-05-18 10:55 - 2014-05-18 10:55 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-05-18 10:48 - 2014-05-18 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2014-05-18 10:46 - 2014-05-18 10:45 - 02773664 _____ (Crystal Dew World ) C:\Users\XXX\Downloads\CrystalDiskInfo6_1_12-en.exe
2014-05-18 10:36 - 2011-01-04 02:54 - 00000000 ____D () C:\ProgramData\Temp
2014-05-17 00:42 - 2014-05-17 00:42 - 02296616 _____ () C:\Users\XXX\Downloads\GrepolisBot2_v2.61.0.1.zip
Some content of TEMP:
====================
C:\Users\XXX\AppData\Local\Temp\card_setup.exe
C:\Users\XXX\AppData\Local\Temp\FileSystemView.dll
C:\Users\XXX\AppData\Local\Temp\gkc.exe
C:\Users\XXX\AppData\Local\Temp\ICReinstall_download-wireless-watch.exe
C:\Users\XXX\AppData\Local\Temp\install_flashplayer13x32_mssd_aaa_aih.exe
C:\Users\XXX\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\XXX\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\XXX\AppData\Local\Temp\ose00000.exe
C:\Users\XXX\AppData\Local\Temp\ose00001.exe
C:\Users\XXX\AppData\Local\Temp\proxy_vole3428219837783867902.dll
C:\Users\XXX\AppData\Local\Temp\proxy_vole6236970837631536634.dll
C:\Users\XXX\AppData\Local\Temp\sfamcc00001.dll
C:\Users\XXX\AppData\Local\Temp\sfextra.dll
C:\Users\XXX\AppData\Local\Temp\Uninstall.exe
C:\Users\XXX\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\XXX\AppData\Local\Temp\xd510mtr.dll
C:\Users\XXX\AppData\Local\Temp\_isF848.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-09 07:06
==================== End Of Log ============================
--- --- --- |
|
16.06.2014, 19:58
| #4 |
| | Windows 7: Schwieriger Trojaner? FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2014
Ran by XXX at 2014-06-16 20:22:56
Running from C:\Users\XXX\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
==================== Installed Programs ======================
7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
9kw.eu - Installer - Java Plugin für JDownloader (HKLM-x32\...\9kw.eu Java Plugin für JDownloader) (Version: - 9kw.eu - Captcha Service for the user - captcha solver)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.5 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - )
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{75104836-CAC7-444E-A39E-3F54151942F5}) (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arsenal of Democracy 1.04 (HKLM-x32\...\Arsenal of Democracy_is1) (Version: - GamersGate)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.00 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.01 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed III (HKLM-x32\...\{8B8E431A-A079-4D81-A353-D64BC01E209D}_is1) (Version: 1.01 - RAF)
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004368638.48.56.33426802 - Audible, Inc.)
Avira UnErase Personal (HKLM-x32\...\Avira UnErase Personal) (Version: - )
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BayDesigner - Deinstallation (HKLM-x32\...\BayDesigner_is1) (Version: 1.35 - Mathias Gerlach [aborange.de])
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
BulletStorm (x32 Version: 1.0.0001.130 - EA) Hidden
calibre 64bit (HKLM\...\{AB95F102-936F-4AF5-81AC-6E65E1ED4278}) (Version: 0.9.44 - Kovid Goyal)
Call of Warhammer: Øòîðì Õàîñà 1.4.4 ENG with music (HKLM-x32\...\Call of Warhammer: Total War_is1) (Version: - Call of Warhammer Team. Ïîðòàë Ñi×ú Total WarS.)
Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version: - )
Capitalism II (HKLM-x32\...\{75B9B1F8-0F07-11D6-A801-0050FC209733}) (Version: - )
Civilization.V.GOTY.incl.Gods.and.Kings (HKLM-x32\...\Civilization.V.GOTY.incl.Gods.and.Kings_is1) (Version: - )
ComicRack v0.9.142 (HKLM\...\ComicRack) (Version: v0.9.142 - cYo Soft)
CoreAVC Professional Edition (remove only) (HKLM-x32\...\CoreAVC Professional Edition) (Version: - )
CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version: - Electronic Arts)
Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
CrystalDiskInfo 6.1.12 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
CyberGhost VPN (HKLM\...\CyberGhost VPN_is1) (Version: - CyberGhost S.R.L.)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD09282B-E878-4C2C-914D-E67475E4729C}) (Version: - Microsoft)
Deus Ex (HKLM-x32\...\Deus Ex) (Version: - )
Deus.Ex.Human.Revolution.Directors.Cut (HKLM-x32\...\RGV1c0V4SHVtYW5SZXZvbHV0aW9uRGlyZWN0b3JzQ3V0_is1) (Version: 1 - )
D-Fend Reloaded 1.0.3 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.3.3 - Alexander Herzog)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die Gilde Gold Update v. 2.06 (HKLM-x32\...\Die Gilde Gold Update v. 2.06 ) (Version: - )
Die Gilde Gold-Edition (HKLM-x32\...\Die Gilde Gold-Edition) (Version: - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)
Die Sims™ 3 70er, 80er & 90er Accessoires (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Katy Perry Süße Welt (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Die*Sims™*3 Erstelle einen Sim (HKLM-x32\...\{89173B88-384A-459B-B687-9C0BBC934EF4}) (Version: 1.0.25 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.3.1.2 - DivX, LLC)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.04 - Electronic Arts, Inc.)
DsaEditor (HKLM-x32\...\DsaEditor) (Version: 0.0.5 - UNKNOWN)
DsaEditor (x32 Version: 0.0.5 - UNKNOWN) Hidden
Duke Nukem Forever (HKLM-x32\...\Duke Nukem Forever_is1) (Version: - )
Dungeon Keeper 2 (HKLM\...\{4f94b43a-8a00-4ac4-bb94-269cf24aef97}.sdb) (Version: - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
Eador Masters of the Broken World (HKCU\...\Eador Masters of the Broken World) (Version: - )
Epub reader (HKLM-x32\...\{739126B3-1C80-4F1F-8D59-312A19633E1A}_is1) (Version: - )
ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Europa Universalis - Rome (HKLM-x32\...\{7FD14A8A-FBCC-4442-ACAC-A0E9EC223AED}) (Version: - )
Europa Universalis III (HKLM-x32\...\{59C80C5E-8C92-40FF-B910-2BB5C7281F61}) (Version: - )
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - )
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout New Vegas Ultimate Edition (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version: - )
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version: - )
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.5.0.0 - Electronic Arts)
Freecom GREEN BUTTON 1.47 (HKLM-x32\...\Freecom GREEN BUTTON_is1) (Version: - Freecom)
FreeCommander 2009.02b (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.0.0 - Electronic Arts)
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Gaming Mouse (HKLM-x32\...\Gaming Mouse 3) (Version: - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Books Downloader version 2.3 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM)
Google Chrome (HKCU\...\Google Chrome) (Version: 24.0.1312.56 - Google Inc.)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HandBrake 0.9.5 (HKLM-x32\...\HandBrake) (Version: 0.9.5 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - )
Heroes of Might and Magic V Collector Edition (HKLM-x32\...\{DDB68A90-340C-42B9-B42B-D2CBED1B91DC}) (Version: - )
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Hitchcock (HKLM-x32\...\{4154A302-1301-1023-2001-415258454C01}) (Version: - Arxel Tribe)
Honorbuddy (HKCU\...\{69519df4-3d85-4b10-b09a-a1a7a64ab470}) (Version: 2.5.7496.650 - Bossland GmbH)
Honorbuddy (x32 Version: 2.5.7496.650 - Bossland GmbH) Hidden
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version: - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Ihr Firmenname)
ICQ7.5 (HKLM-x32\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
iTunes (HKLM\...\{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}) (Version: 10.5.1.42 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.290 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader (HKLM-x32\...\JDownloader) (Version: - AppWork UG (haftungsbeschränkt))
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
King's Bounty Crossworlds (HKLM-x32\...\{A3DA7AB8-4A9A-4F86-BA33-9C61B6CE082A}) (Version: 1.31 - 1C Company)
Lands Of Lore 1 and 2 (HKLM-x32\...\Lands Of Lore 1 and 2_is1) (Version: - GOG.com)
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Acer Inc.)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S)
LogiEdit (remove only) (HKLM-x32\...\LogiEdit) (Version: - )
Lotto-Check (HKCU\...\022f67d83d91b1c6) (Version: 1.1.0.19 - LottoCheck)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Maniac Mansion Deluxe (HKLM-x32\...\Maniac Mansion Deluxe) (Version: - )
Mantronic´s KaiserII (Version 2.2) (HKLM-x32\...\Mantronic´s Kaiser II_is1) (Version: 2.2.0 - Mantronic Software)
MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Metro: Last Light (HKLM-x32\...\{33E91A0A-2450-47F4-A5E8-3DFE99F73BA4}_is1) (Version: 1.0 - RAF)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 1.1.500.0 - Microsoft Corporation) Hidden
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.7.1 - Ubisoft)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - )
Minutor (HKLM-x32\...\{0300BFF4-33A2-4DFB-979D-79AE9D324E81}) (Version: 1.6.3 - Sean Kasun)
mirkes.de Tiny Hexer (HKLM-x32\...\{CC399A03-4695-432E-AE6E-BB450DDE5248}_is1) (Version: 1.8 - markus stephany)
Mit Erfolg bewerben v1.0 (HKLM-x32\...\Mit Erfolg bewerben) (Version: 1.0 - S.A.D)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: - Mobile Connection Manager)
Mozilla Firefox (3.6.14) (HKLM-x32\...\Mozilla Firefox (3.6.14)) (Version: 3.6.14 (de) - Mozilla)
Mozilla Firefox 29.0.1 (x86 de) (HKCU\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
mp3splt-gtk (HKLM-x32\...\mp3splt-gtk) (Version: - )
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version: - )
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8939 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8939 - NTI Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA Performance (x32 Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (x32 Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA System Update (HKLM-x32\...\InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}) (Version: 3.00 - NVIDIA Corporation)
NVIDIA System Update (x32 Version: 3.00 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{DF54E1D5-B4A3-4F94-B018-75529AB97682}) (Version: 14.0.205 - O&O Software GmbH)
O&O DiskRecovery (HKLM\...\{663A0073-D1FD-42B8-899F-AA5FA8359704}) (Version: 8.0.335 - O&O Software GmbH)
O&O UnErase (HKLM\...\{16EC1499-8B35-431A-B55D-3EE4558C1385}) (Version: 6.0.1899 - O&O Software GmbH)
Oblivion - Horse Armor Pack (HKLM-x32\...\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Orrery (HKLM-x32\...\{EC425CFC-EE78-4A91-AA25-3BFA65B75364}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Spell Tomes (HKLM-x32\...\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Thieves Den (HKLM-x32\...\{FFFFFD17-B460-41EB-93F1-C48ABAD63828}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panzer Corps (HKLM-x32\...\Panzer Corps1.00) (Version: 1.00 - Slitherine)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version: - PopCap Games)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Proxy Searcher (HKLM-x32\...\{0A9DA43D-DFEB-43D8-BB0A-1145AF5E99E6}) (Version: 3.00.0000 - Proxy Searcher)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realms of Arkania Pack (HKLM-x32\...\Realms of Arkania Pack_is1) (Version: - GOG.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.49 - Piriform)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Rock Manager (HKLM-x32\...\{4241D2E3-7499-49A5-B92C-F26054427F5A}) (Version: - )
Rosetta Stone Version 3 (HKLM-x32\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
ScummVM 1.5.0 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Sid Meier's Civilization IV Colonization (HKLM-x32\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
SRWare Iron Version SRWare Iron 34.0.1850.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 34.0.1850.0 - SRWare)
State of Decay - Breakdown (HKLM-x32\...\State of Decay - Breakdown_is1) (Version: - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steganos Online-Banking 2012 (HKLM-x32\...\{BF72DD91-089A-43A0-A18E-57BC67E2B8A5}) (Version: 2.0.3 - Steganos Software GmbH)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
STREET FIGHTER IV (HKLM-x32\...\{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}) (Version: 1.00.3013 - CAPCOM U.S.A., INC.)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
Tales of Monkey Island (HKLM-x32\...\Tales of Monkey Island) (Version: 3.0.0.0 - Daedalic Entertainment)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
The Complete Ultima VII (HKLM-x32\...\The Complete Ultima VII_is1) (Version: - GOG.com)
The Elder Scrolls V - Dragonborn DLC 1.00 (HKLM-x32\...\The Elder Scrolls V - Dragonborn DLC 1.00) (Version: 1.00 - Ecos)
The Elder Scrolls V Skyrim - Dawnguard 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim - Dawnguard 1.00) (Version: 1.00 - Ecos)
The Elder Scrolls V Skyrim - Hearthfire 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim - Hearthfire 1.00) (Version: 1.00 - Ecos)
The Elder Scrolls V Skyrim - Update 11 11.00 (HKLM-x32\...\The Elder Scrolls V Skyrim - Update 11 11.00) (Version: 11.00 - Ecos)
The Movies(TM) Stunts & Spezialeffekte (x32 Version: 1.0 - Ihr Firmenname) Hidden
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
Third Age - Total War 2.0 (Part1of2) (HKCU\...\Third Age - Total War 2.0 (Part1of2)) (Version: - )
Third Age - Total War 3.0 (Part 1of2) (HKCU\...\Third Age - Total War 3.0 (Part 1of2)) (Version: - )
Third Age - Total War 3.0 (Part 2of2) (HKCU\...\Third Age - Total War 3.0 (Part 2of2)) (Version: - )
Total War: ROME II Caesar in Gaul (HKLM-x32\...\VG90YWxXYXJST01FSUk=_is1) (Version: 1 - )
Trade Empires (nur Deinstallieren) (HKLM-x32\...\Trade Empires) (Version: - )
TSDoctor (HKLM-x32\...\{40F95BFE-36CF-481F-B7D9-8D8F2F3369F9}) (Version: 1.2.66 - Cypheros)
TuneUp Utilities 2011 (HKLM-x32\...\TuneUp Utilities 2011) (Version: 10.0.2011.48 - TuneUp Software)
TuneUp Utilities 2011 (x32 Version: 10.0.2011.48 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.2011.48 - TuneUp Software) Hidden
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Ultima VIII - Pagan (HKLM-x32\...\Ultima VIII - Pagan_is1) (Version: - GOG.com)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CE9A9D7C-B6FB-4F6C-8BDE-9A1ADBBAC1EE}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{98821750-2C79-4A07-9AE9-D2536FD9491D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{B386BAA9-7D92-450E-B43E-BD96B01ADEC0}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F6CE638B-5A06-4EDD-A1FA-BFA827D14071}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{927B47DF-91B2-4EBF-9B66-43B2C95E41BF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{7BD6AF81-49D4-482A-8CDD-90B4031627F2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)
Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Verbatim GREEN BUTTON 1.69 (HKLM-x32\...\Verbatim GREEN BUTTON_is1) (Version: - Verbatim)
Vermeer 2 (HKLM-x32\...\Vermeer 2_is1) (Version: - Ascaron Entertainment GmbH)
Victoria 2 (HKLM-x32\...\{9C3B7F54-C6E2-4A74-9937-9C6EBA10C4A2}) (Version: - )
Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.10.13 - H+H Software GmbH)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebTemp 3.37 (kostenlose Version) (HKLM-x32\...\WebTemp_is1) (Version: - Visualize CPU temperature meter readings measured by SpeedFan and other tools using WebTemp)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
WiMP 2.1.3 (HKLM-x32\...\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1) (Version: 2.1.3 - Aspiro AS)
WiMP 2.1.3 (x32 Version: 2.1.3 - Aspiro AS) Hidden
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - )
Worlds of Ultima - Martian Dreams (HKLM-x32\...\GOGPACKWORLDSOFULTIMAMARTIAN_is1) (Version: 2.0.0.17 - GOG.com)
x64 Components v2.7.9 (HKLM\...\x64 Components_is1) (Version: 2.7.9 - Shark007)
XMedia Recode Version 3.1.4.0 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.4.0 - XMedia Recode)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)
==================== Restore Points =========================
14-06-2014 00:20:38 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-06-08 16:50 - 00003410 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.67:43
127.0.0.1 209.34.83.67
127.0.0.1 ood.opsource.net
127.0.0.1 199.7.52.190:80
127.0.0.1 199.7.52.190
127.0.0.1 OCSP.SPO1.VERISIGN.COM
127.0.0.1 199.7.54.72:80
127.0.0.1 199.7.54.72
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
There are 55 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {0A1EDA7A-E4D9-4AAE-96CA-B1783EF906FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Anwendungen\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {172CDFA4-BC11-49BE-9ED7-690833A0DA6A} - System32\Tasks\APM_off => C:\hdparm\hdparm.exe [2007-02-24] ()
Task: {23AC33A6-71D1-426B-83B7-A4CEF91835F0} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)
Task: {2A64F115-3A86-4ACD-8FA8-2A36F935872E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
Task: {490FA879-8515-4106-AF3C-E3BBF962F1B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Anwendungen\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {57F1BEA6-3BF4-4719-A699-6BD496FA779A} - System32\Tasks\{E87F3025-2748-40B5-BC6F-7D05BCF35CE0} => Firefox.exe Downloading
Task: {7C0EBBC9-E939-4EA4-A99A-F84646A1B5CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002Core => C:\Users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)
Task: {8023B071-3019-4ED4-BCDA-0D40A056B5C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {841B145F-F28E-49C2-8E2B-EAD7C4B74F86} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002UA => C:\Users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)
Task: {8B7FF60C-4E64-4734-95B7-3919F9B10B19} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
Task: {9365234C-08C5-4202-B0E7-D6E38BB97F64} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-06-24] (Acer)
Task: {A4C86112-6CF0-4E78-A00D-1CB9820F104A} - System32\Tasks\AutoKMSCustom => C:\Windows\AutoKMS\AutoKMS.exe [2012-07-05] ()
Task: {AD2E6C75-7654-44DE-8A73-6ADC0A5B8998} - System32\Tasks\{356B8E7B-AE66-4203-B49F-6236AAD8D8B4} => Firefox.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype
Task: {B9306D00-ACB7-4DE9-BECE-9255739EFFAB} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2012-07-05] ()
Task: {CB82C90B-D235-4A4C-B108-5EF475D3D8FF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {DD585CB6-C834-47F3-823E-119930CB48AB} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Anwendungen\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
Task: {DF9D207A-52BF-4122-B356-08D3962EA37E} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Anwendungen\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe
Task: {EEC0E1CF-5884-45FA-9203-FB669F38E6D4} - \SidebarExecute No Task File <==== ATTENTION
Task: {F713C9F8-714A-4B8B-ADB2-E52846D080F9} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002Core.job => C:\Users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002UA.job => C:\Users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-04-27 14:34 - 2014-02-08 20:34 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-04-27 14:52 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-11-19 03:53 - 2012-11-19 03:53 - 00002560 _____ () C:\Windows\runservice.exe
2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2009-09-30 03:05 - 2009-09-30 03:05 - 01306624 _____ () C:\Anwendungen\Gaming Mouse\Gaming Mouse.exe
2014-04-13 14:57 - 2014-04-13 14:58 - 00429568 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\YouScreen.exe
2014-06-03 02:43 - 2014-05-14 22:55 - 00432128 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepolisBot2.exe
2014-05-17 00:43 - 2014-05-14 22:55 - 00432128 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepolisBot2.exe
2012-11-19 03:53 - 2012-11-19 03:53 - 00048640 _____ () C:\Windows\mmfs.dll
2014-02-24 21:07 - 2014-02-24 21:07 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\29335dc88d799664dcd97362bcb687e9\IsdiInterop.ni.dll
2010-08-30 11:03 - 2010-04-13 18:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-27 14:34 - 2014-02-08 20:34 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2010-08-30 11:45 - 2009-05-20 08:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2012-09-28 02:51 - 2008-08-18 16:08 - 00050688 _____ () C:\Anwendungen\Virtual CD v10\System\ogg.dll
2012-09-28 02:51 - 2008-08-18 16:11 - 01237504 _____ () C:\Anwendungen\Virtual CD v10\System\vorbis.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Anwendungen\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2014-05-20 21:04 - 2014-04-11 15:19 - 00104448 _____ () C:\Anwendungen\SRWare Iron\chrome_elf.dll
2012-06-26 22:36 - 2014-01-30 00:38 - 00902144 _____ () C:\Anwendungen\SRWare Iron\libglesv2.dll
2012-06-26 22:36 - 2014-04-11 15:19 - 00128512 _____ () C:\Anwendungen\SRWare Iron\libegl.dll
2013-09-26 03:46 - 2014-04-11 15:22 - 00950272 _____ () C:\Anwendungen\SRWare Iron\ffmpegsumo.dll
2014-05-14 10:58 - 2014-05-14 21:59 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-06-03 02:43 - 2012-12-14 19:12 - 00194560 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepUnits.dll
2014-06-03 02:43 - 2014-02-12 23:26 - 00161280 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepBuildings.dll
2014-06-03 02:43 - 2012-08-10 00:57 - 00059392 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepCulture.dll
2014-06-03 02:43 - 2012-08-10 00:58 - 00039424 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepFarmers.dll
2014-06-03 02:43 - 2012-08-21 20:11 - 00017408 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepSchedulerSmall.dll
2014-05-17 00:43 - 2012-12-14 19:12 - 00194560 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepUnits.dll
2014-05-17 00:43 - 2014-02-12 23:26 - 00161280 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepBuildings.dll
2014-05-17 00:43 - 2012-08-10 00:57 - 00059392 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepCulture.dll
2014-05-17 00:43 - 2012-08-10 00:58 - 00039424 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepFarmers.dll
2014-05-17 00:43 - 2012-08-21 20:11 - 00017408 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepSchedulerSmall.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:2BE9FEFC
AlternateDataStreams: C:\ProgramData\Temp:55B41E6A
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/16/2014 03:24:26 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/15/2014 01:59:10 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/14/2014 03:42:19 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/14/2014 01:16:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AutoKMS.exe, Version: 2.2.2.0, Zeitstempel: 0x4e32f719
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x3a04
Startzeit der fehlerhaften Anwendung: 0xAutoKMS.exe0
Pfad der fehlerhaften Anwendung: AutoKMS.exe1
Pfad des fehlerhaften Moduls: AutoKMS.exe2
Berichtskennung: AutoKMS.exe3
Error: (06/14/2014 01:16:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.IOException
Stapel:
bei System.IO.__Error.WinIOError(Int32, System.String)
bei System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
bei System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
bei System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean)
bei System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean)
bei System.IO.StreamWriter..ctor(System.String, Boolean)
bei AutoKMS.AutoKMS.RunAutoKMS()
bei AutoKMS.Program.Main()
Error: (06/13/2014 02:39:18 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/13/2014 01:16:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AutoKMS.exe, Version: 2.2.2.0, Zeitstempel: 0x4e32f719
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xe38
Startzeit der fehlerhaften Anwendung: 0xAutoKMS.exe0
Pfad der fehlerhaften Anwendung: AutoKMS.exe1
Pfad des fehlerhaften Moduls: AutoKMS.exe2
Berichtskennung: AutoKMS.exe3
Error: (06/13/2014 01:16:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.IOException
Stapel:
bei System.IO.__Error.WinIOError(Int32, System.String)
bei System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
bei System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
bei System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean)
bei System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean)
bei System.IO.StreamWriter..ctor(System.String, Boolean)
bei AutoKMS.AutoKMS.RunAutoKMS()
bei AutoKMS.Program.Main()
Error: (06/12/2014 02:59:53 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/11/2014 09:15:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Manager.exe, Version 5.5.0.5 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 79c
Startzeit: 01cf8594829fd106
Endzeit: 241
Anwendungspfad: C:\Anwendungen\Audible\Bin\Manager.exe
Berichts-ID: b1f3f67d-f19c-11e3-ba41-1c7508461236
System errors:
=============
Error: (06/16/2014 06:23:16 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2BOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3DE1FAC4-B916-448F-A747-E5A362D2FC66}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (06/16/2014 06:22:04 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "XXX9" auf Transport "NetBT_Tcpip_{3DE1FAC4-B916-448F-A747-E5A362D2FC66}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (06/16/2014 06:21:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (06/16/2014 06:16:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "G Data Personal Firewall" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/16/2014 06:16:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst G Data Personal Firewall erreicht.
Error: (06/16/2014 06:16:15 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053GDFwSvc-Service{1DED95CA-C567-464A-B405-087EDDF0B095}
Error: (06/16/2014 06:15:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (06/16/2014 05:17:15 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2BOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3DE1FAC4-B916-448F-A747-E5A362D2FC66}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (06/16/2014 04:54:14 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2BOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3DE1FAC4-B916-448F-A747-E5A362D2FC66}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (06/16/2014 02:54:10 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2BOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3DE1FAC4-B916-448F-A747-E5A362D2FC66}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Microsoft Office Sessions:
=========================
Error: (06/16/2014 03:24:26 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/15/2014 01:59:10 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/14/2014 03:42:19 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/14/2014 01:16:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoKMS.exe2.2.2.04e32f719KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d3a0401cf875d732f05b9C:\Windows\AutoKMS\AutoKMS.exeC:\Windows\syswow64\KERNELBASE.dllba8a19ad-f350-11e3-ba41-1c7508461236
Error: (06/14/2014 01:16:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.IOException
Stapel:
bei System.IO.__Error.WinIOError(Int32, System.String)
bei System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
bei System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
bei System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean)
bei System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean)
bei System.IO.StreamWriter..ctor(System.String, Boolean)
bei AutoKMS.AutoKMS.RunAutoKMS()
bei AutoKMS.Program.Main()
Error: (06/13/2014 02:39:18 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/13/2014 01:16:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoKMS.exe2.2.2.04e32f719KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42de3801cf869448beee11C:\Windows\AutoKMS\AutoKMS.exeC:\Windows\syswow64\KERNELBASE.dll8df8371b-f287-11e3-ba41-1c7508461236
Error: (06/13/2014 01:16:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: AutoKMS.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.IOException
Stapel:
bei System.IO.__Error.WinIOError(Int32, System.String)
bei System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
bei System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
bei System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean)
bei System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean)
bei System.IO.StreamWriter..ctor(System.String, Boolean)
bei AutoKMS.AutoKMS.RunAutoKMS()
bei AutoKMS.Program.Main()
Error: (06/12/2014 02:59:53 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/11/2014 09:15:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Manager.exe5.5.0.579c01cf8594829fd106241C:\Anwendungen\Audible\Bin\Manager.exeb1f3f67d-f19c-11e3-ba41-1c7508461236
==================== Memory info ===========================
Percentage of memory in use: 78%
Total physical RAM: 3766.71 MB
Available physical RAM: 820.07 MB
Total Pagefile: 6209.91 MB
Available Pagefile: 1417.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:452.66 GB) (Free:3.41 GB) NTFS
Drive d: (CB1314CD) (CDROM) (Total:0.57 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 092EC1A5)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
17.06.2014, 09:43
| #5 |
| /// the machine /// TB-Ausbilder | Windows 7: Schwieriger Trojaner? hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.06.2014, 16:55
| #6 |
| | Windows 7: Schwieriger Trojaner? tja, da geht gar nix...ich krieg die meldung, dass diese datei nicht mit der ausgeführten windows version kompatibel ist. ich hab es mal von da runtergeladen: hxxp://www.bleepingcomputer.com/download/combofix/dl/12/ nach dem scan und einem neustart hab ich jetzt blöderweise das problem, dass das taskleistensymbol von g-data security nicht mehr da ist  Combofix Logfile: Code:
ATTFilter ComboFix 14-06-16.01 - XXX 17.06.2014 16:54:20.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3767.1195 [GMT 2:00]
ausgeführt von:: c:\users\XXX\Desktop\ComboFix.exe
AV: G Data InternetSecurity CBE *Disabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
FW: G Data Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
SP: G Data InternetSecurity CBE *Disabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\users\XXX\4.0
c:\windows\isRS-000.tmp
c:\windows\IsUn0407.exe
c:\windows\SysWow64\ESPI11.dll
c:\windows\SysWow64\start.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-05-17 bis 2014-06-17 ))))))))))))))))))))))))))))))
.
.
2014-06-17 15:16 . 2014-06-17 15:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-17 12:10 . 2014-06-17 12:10 -------- d-----w- c:\users\XXX\AppData\Local\gtk-2.0
2014-06-16 22:30 . 2014-06-16 22:30 -------- d-----w- c:\users\XXX\.thumbnails
2014-06-16 22:27 . 2014-06-16 22:27 -------- d-----w- c:\users\XXX\AppData\Local\fontconfig
2014-06-16 22:26 . 2014-06-17 13:38 -------- d-----w- c:\users\XXX\.gimp-2.8
2014-06-16 22:26 . 2014-06-16 22:26 -------- d-----w- c:\users\XXX\AppData\Local\gegl-0.2
2014-06-16 18:17 . 2014-06-16 18:24 -------- d-----w- C:\FRST
2014-06-16 16:32 . 2014-06-16 20:47 -------- d-----w- c:\users\XXX\AppData\Local\Adobe
2014-06-11 11:58 . 2014-05-19 23:18 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9DF4F435-B9C2-4960-A5B0-3770945DCEEE}\mpengine.dll
2014-06-11 10:59 . 2014-06-02 06:03 810200 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2014-06-11 10:57 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-11 10:57 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-08 22:31 . 2014-06-08 22:31 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-06-08 22:31 . 2014-05-07 13:02 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-06-08 08:19 . 2014-06-08 08:19 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-06-07 14:41 . 2014-06-07 14:42 -------- d-----w- c:\users\XXX\AppData\Local\MetaGeek,_LLC
2014-06-07 05:31 . 2014-06-07 05:31 18160 ----a-w- c:\windows\system32\drivers\GdPhyMem.sys
2014-06-07 05:31 . 2014-06-07 05:31 106272 ----a-w- c:\windows\system32\drivers\GRD.sys
2014-06-06 18:23 . 2014-06-06 18:23 -------- d-----w- C:\MyWinLockerData
2014-06-06 17:33 . 2014-06-06 17:33 68608 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2014-06-06 17:33 . 2014-06-06 17:33 64000 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2014-06-06 17:31 . 2014-06-06 17:31 65024 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2014-06-06 17:31 . 2014-06-06 17:31 57344 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2014-06-06 17:31 . 2014-06-06 17:31 135168 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2014-06-06 17:29 . 2014-06-06 17:29 -------- d-----w- c:\program files (x86)\Common Files\G Data
2014-06-06 17:14 . 2014-06-06 18:15 -------- d-----w- c:\programdata\G Data
2014-06-05 16:06 . 2014-06-05 16:15 -------- d-----w- c:\programdata\Package Cache
2014-05-29 16:34 . 2014-05-29 16:34 -------- d-----w- c:\users\XXX\AppData\Roaming\NVIDIA
2014-05-24 20:01 . 2000-05-16 08:40 83968 ----a-w- c:\windows\UnGins.exe
2014-05-24 20:01 . 2000-03-06 22:00 237568 ----a-w- c:\windows\SysWow64\Unlha32.dll
2014-05-24 20:01 . 2000-03-06 22:00 473600 ----a-w- c:\windows\SysWow64\Harmony.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-11 12:00 . 2011-02-11 10:55 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-06-08 12:13 . 2014-04-16 07:48 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-14 19:59 . 2012-06-26 21:39 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-14 19:59 . 2011-05-28 17:51 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 08:27 . 2014-05-14 08:27 17938608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-05-12 05:26 . 2014-04-16 07:48 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-12 05:26 . 2014-04-16 07:48 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-12 05:25 . 2014-04-16 07:48 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-14 16:10 . 2014-04-14 16:10 255352 ----a-w- c:\windows\SysWow64\awrdscdc.ax
2014-04-12 02:22 . 2014-05-14 21:51 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:22 . 2014-05-14 21:51 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:19 . 2014-05-14 21:51 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-14 21:51 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-14 21:51 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-14 21:51 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-14 21:51 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-14 21:51 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-14 21:51 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-03-31 07:35 . 2011-02-12 23:29 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-25 02:43 . 2014-05-14 21:52 14175744 ----a-w- c:\windows\system32\shell32.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-05-14 06:18 1730264 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-05-14 06:18 1730264 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-05-14 06:18 1730264 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Gaming Mouse"="c:\anwendungen\Gaming Mouse\Gaming Mouse.exe" [2009-09-30 1306624]
"VC10Player"="c:\anwendungen\Virtual CD v10\System\VC10Play.exe" [2011-05-20 411976]
"GDFirewallTray"="c:\anwendungen\InternetSecurity\Firewall\GDFirewallTray.exe" [2013-12-19 1724728]
"G Data ASM"="c:\anwendungen\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" [2013-12-19 431224]
"Acrobat Assistant 8.0"="c:\anwendungen\Acrobat 11.0\Acrobat\Acrotray.exe" [2014-05-08 3499896]
.
c:\users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Verbatim GREEN BUTTON.lnk - c:\anwendungen\GREEN BUTTON\GREEN BUTTON.exe /a [2013-5-22 508176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Acrobat Speed Launcher"="c:\anwendungen\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="c:\anwendungen\Acrobat 9.0\Acrobat\Acrotray.exe"
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"SwitchBoard"=c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"Wondershare Helper Compact.exe"=c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
"QuickTime Task"="c:\anwendungen\QuickTime\QTTask.exe" -atboottime
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe;c:\windows\runservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\anwendungen\Skype\Updater\Updater.exe;c:\anwendungen\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\MARZIP~1\AppData\Local\Temp\ALSysIO64.sys;c:\users\MARZIP~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe;c:\program files\CyberGhost VPN\CGVPNCliService.exe [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater;c:\spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe;c:\spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 HH10Help.sys;HH10Help.sys;c:\windows\system32\drivers\HH10Help.sys;c:\windows\SYSNATIVE\drivers\HH10Help.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtbs64.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys;c:\windows\SYSNATIVE\drivers\SndTAudio.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
R4 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\anwendungen\o2\Mobile Connection Manager\ImpWiFiSvc.exe;c:\anwendungen\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]
R4 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys;c:\windows\SYSNATIVE\drivers\GRD.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S1 SLEE_17_DRIVER;Steganos Live Encryption Engine 17 [Driver];c:\windows\Sleen1764.sys;c:\windows\Sleen1764.sys [x]
S1 vdrv1000;vdrv1000;c:\windows\system32\DRIVERS\vdrv1000.sys;c:\windows\SYSNATIVE\DRIVERS\vdrv1000.sys [x]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G Data Scheduler;c:\anwendungen\InternetSecurity\AVK\AVKService.exe;c:\anwendungen\InternetSecurity\AVK\AVKService.exe [x]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\anwendungen\InternetSecurity\AVK\AVKWCtlx64.exe;c:\anwendungen\InternetSecurity\AVK\AVKWCtlx64.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 OODefragAgent;O&O Defrag;c:\anwendungen\Defrag\oodag.exe;c:\anwendungen\Defrag\oodag.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 VC10SecS;Virtual CD v10 Management Service;c:\anwendungen\Virtual CD v10\System\VC10SecS.exe;c:\anwendungen\Virtual CD v10\System\VC10SecS.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 GDFwSvc;G Data Personal Firewall;c:\anwendungen\InternetSecurity\Firewall\GDFwSvcx64.exe;c:\anwendungen\InternetSecurity\Firewall\GDFwSvcx64.exe [x]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys;c:\windows\SYSNATIVE\DRIVERS\nvoclk64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SjtWinIo;SJT I/O Driver;c:\windows\system32\DRIVERS\SjtWinIo.sys;c:\windows\SYSNATIVE\DRIVERS\SjtWinIo.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]
S3 vcd10bus;Virtual CD v10 Bus Enumerator;c:\windows\system32\DRIVERS\vcd10bus.sys;c:\windows\SYSNATIVE\DRIVERS\vcd10bus.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-26 19:59]
.
2014-06-16 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-07-04 22:56]
.
2013-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002Core.job
- c:\users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15 00:49]
.
2013-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002UA.job
- c:\users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15 00:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-05-14 06:15 2335960 ----a-w- c:\anwend~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-05-14 06:15 2335960 ----a-w- c:\anwend~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-05-14 06:15 2335960 ----a-w- c:\anwend~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = www.google.com
IE: An OneNote s&enden - c:\anwend~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\anwend~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\anwendungen\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\
FF - prefs.js: browser.search.selectedEngine - Google Deutschland
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10001&q=
FF - prefs.js: network.proxy.ftp - 192.227.139.215
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 192.227.139.215
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 192.227.139.215
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 192.227.139.215
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Adobe ARM - c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Die Gilde Gold Update v. 2.06 - f:\spiele\DIEGIL~1\UNWISE.EXE
AddRemove-Die Gilde Gold-Edition - f:\spiele\DIEGIL~1\UNWISE.EXE
AddRemove-Vampire - c:\windows\IsUn0407.exe
AddRemove-Eador Masters of the Broken World - e:\spiele\Eador Masters of the Broken World\Uninstal.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vdrv1000]
"ImagePath"="system32\DRIVERS\vdrv1000.sys"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="F7A844294C437EF34CC7F8B526D7829EA242FB7393845D3EC04AC3FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5C5D575E7D6A3B9808C038D530D6EB34525AB4ECDE9C442A25A33408B82052C5BC531AF98D0657FE8F65284A42A429AB000566CDA62E69D91AF36E2E56761B7E0137CD46B311CDF8EEA7FD446B445ADE403A60A80C3AA82398AED3882E18907F8AFB59ACA9D23FB9DA994475576134B24912F813F333C9C6F8E948907605D4FD5350C72D94F4C50E8E274FFEC0F36C28B855707445003D9CD86D1092E6312FC7191C09962019A1570AF5D7D861E95B556E8666086DF7138D99B458AF3F820A3ADEF66E90F9D13608905B7A4D78257E628D58E1DEDE6B0297DFF12E5B3FD4F4496AAFB09456A88CA8A8E1B67B4C79760D7FB0CA5B8B9B63CE1408825F2EF423FB44C76B6FEA9850579D47F256A0B00827EEAC6E366EBF3558E412AE5955A96B6E3DF31E457291D0C1FEFE7523C4861D944D9B7FFA8200996E43596BB881A6474EE51F2B09AAF7822E9E2FEAFD852DC0D04D811388C8FA565F63E0D6430419D6E015645A06D824FD7495B26555B8CAA4E66994229446C2558D3FDB7490351EDDFB6497585AC061FC80BD97576C35F41F795B410A2504DDA56F13B3A90E6B4AC08B313EB3F62E71E0D237219AD955BBA63DA4260C968DC5768E618341FC87240D8DA08F5E2170052E7F6345EA07FA205A7B0A984F19F4E8200AEE9E6AF167A67097167B32F4D8478A2F6B2EE8B50994F992121EDA30CC291C154406365574C0BCCEBB2269DDBED3C39D393B97756605E9F18A749C3430DC07F32EF41B641655EA6F815A231EFDB8C99A7CFDE1AE7F4C3420810867CEB9CCA401BE56F4AEB93C154998AC624C73FB300CA7BE929BC33D85364D7F6E020B39D82C4B4B809A523FF93F76D610518295ADE9F2755A4CA61CAE618431CDA0C952AF76EB29E0DFD59F7C48D5C9F6EB116F203F59534DA19F21246204A700539C3ED577FEF61D0C3C0E236F362C472D8BEB86AC19B864D32C79FE10ECA3E815B0181DD7A5F11F7E05329954D6D6127A5EDD0567B63DFBECC8C77CD12199CBB438ECFBD5C38B346EAFA62E2A4158500FFD8EE23777AB554C7B20FC26C92E54D7653F8A4582E59062C3FB54B83DF05D76E0380B7768029225CB8B071DD43F8E7573048A8C505CC9B7CA34235BD816F815800C111A57733DFBC30641DDEEDAEBD99D275AA3DDF85A2051475400E7F1C59EDC2D2522D864C2ADF403F89F10C64224A385019A207EA09E699D47AB7FE1CA1EF635A0A842F1F168F1E421326DF74AC7CBF1A813D0DF5E8EA9198074F9F775F057AE7FD9AF6A012F5286CB74049BA10EDEB01F44EBC63B1AA98C2485757893C8871B"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB]
"1"=hex:47,af,e3,b9,38,4b,f6,e6,cb,8b,59,0c,3a,af,c5,a2,d6,9f,52,ce,23,dc,1a,
c2
"2"=hex:d1,c8,c3,5e,08,10,b9,8f,1e,fd,a6,7c,f5,6d,b0,f3,a6,71,8f,f8,ab,bd,bd,
76,64,10,04,f0,92,77,f9,20
"3"=hex:47,af,e3,b9,38,4b,f6,e6,cb,8b,59,0c,3a,af,c5,a2,ac,98,11,9b,be,95,83,
07,ae,ba,7e,d8,e6,d6,56,50,c4,dc,bb,7b,18,78,a4,de,04,5c,25,4e,9f,d7,39,6d
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB\7BF9E831E71B650D9FD9ADA9E13AF2CA]
"1"=hex:47,e4,6c,02,68,b4,3b,2b,30,11,db,3c,35,63,21,d4,11,b1,7e,c5,ed,aa,8e,
1a,3b,92,af,55,30,f0,da,a7
"2"=hex:14,ce,87,8d,79,74,ee,b2
"3"=hex:81,20,8f,ab,28,6a,52,9c
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:3b,e8,2f,01,6c,32,33,d8,e1,d7,f3,f6,0e,0a,fa,46,62,39,09,43,d3,da,73,
d4,4e,db,d0,f9,b1,fb,0a,f1,d3,99,57,af,7d,98,93,fd,a5,1e,64,b6,5b,35,28,e1,\
"8"=hex:4e,ca,d8,2b,00,91,07,cb,e5,4a,79,1c,34,13,96,23,d7,94,76,0d,ab,15,c7,
2b,c2,02,7b,d4,4f,57,b3,69
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:70,56,26,33,e3,20,f8,ab
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-06-17 17:21:14
ComboFix-quarantined-files.txt 2014-06-17 15:21
.
Vor Suchlauf: 15 Verzeichnis(se), 16.654.204.928 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 17.442.680.832 Bytes frei
.
- - End Of File - - DD12D8BD0E5B44E80D856D6E8F1522B2
|
|
18.06.2014, 09:42
| #7 |
| /// the machine /// TB-Ausbilder | Windows 7: Schwieriger Trojaner? Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.07.2014, 10:07
| #8 |
| | Windows 7: Schwieriger Trojaner? hallo, mir ist gerade etwas sehr verdächtiges aufgefallen...meine firewall hat eine datei geblockt  die firefox starten wollte...das ziel war eine ip von telefonica.de   |
|
10.07.2014, 11:07
| #9 |
| /// the machine /// TB-Ausbilder | Windows 7: Schwieriger Trojaner? Jo, mach trotzdem bitte obiges.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7: Schwieriger Trojaner? |
| acrobat update, adobe, antivirus, arbeitsspeicher voll, bho, browser, cyberghost, desktop, explorer, flash player, g-data, hijack, hijack this, hijackthis, internet, internet explorer, launch, logfile, musik, nicht geöffnet., object, performance, schnellleiste, security, senden, software, system, trojaner, trojaner?, windows |
WARNUNG an die MITLESER: 
Linear-Darstellung
