| |
| |||||||
Log-Analyse und Auswertung: Windows 7: CPU Auslastung 100%Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
20.08.2014, 08:29
| #1 |
 |  Windows 7: CPU Auslastung 100% Hallo, von Zeit zu Zeit steigt meine CPU-Auslastung auf 100%. Das Problem tritt nach (längerer) Browser-Nutzung auf (Ich verwende Google Chrome Version 36.0.1985.143 m, das Problem ist aber unter Firefox auch aufgetreten). Beim rechtzeitigen Schließen des Browsers geht die CPU-Auslastung wieder zurück. Ansonsten hilft nur ein Neustart. Als Virensoftware verwende ich Sophos Anti-Virus. Ich habe bereits ADW Cleaner und Malwarebytes AntiMalware ausgeführt und beide Werkzeuge haben Adware / Malware gefunden und entfernt (z.B. das Aufzeigen von Werbung beim Start des Browsers). Das Problem mit der CPU-Auslastung wurde aber leider nicht behoben. Ich habe WinZip Malware Protector ausgeführt und dieser findet weitere Schadsoftware (Logfile siehe unten). Zum Bereinigen ist die Software zu kaufen. Ist das zu empfehlen? Vielen Dank! Code:
ATTFilter <?xml version="1.0" encoding="utf-8" standalone="yes"?><?xml-stylesheet type='text/xsl' href='C:\ProgramData\Nico Mak Computing\WinZip Malware Protector\log.xslt'?><info><LangStrings><string1>Datum der Überprüfung</string1><string2>Datenbankversion</string2><string3>Gefundene Elemente insgesamt</string3><string4>Überprüfte Objekte:</string4><string5>Abgelaufene Zeit:</string5><string6>Name</string6><string7>Gefundene Elemente</string7><string8>Name der Infektion</string8><string9>Kategorie</string9><string10>Bedrohungsstufe</string10><string11>Durchgeführte Aktion</string11><string12>Elemente gefunden</string12><string13>Gefundener Bereich</string13><string14>Details</string14><string15>Dateiname</string15><string16>MD5</string16><string17>Signatur</string17><string18>Registrierungsschlüssel</string18><string19>Keine Infektionen entdeckt.</string19><string20 /></LangStrings><loginfo><date>18.08.2014 13:09:37</date><key /><istrial>True</istrial><system>H_DA-NB-HUMM|192.168.178.22;192.168.178.21;192.168.21.1;169.254.110.12|00-21-6A-A7-5D-5A</system><scantype>DeepScan</scantype><os>Windows 7 64 Bit, Version : Microsoft Windows NT 6.1.7600.0</os><dbversion>1918</dbversion><time>00:23:46</time><objectscanned>284590</objectscanned><objectfound>23</objectfound><cultureinfo>German (Germany)</cultureinfo><version>2.1.1000.10798</version></loginfo><companyinfo><companyname>Nico Mak Computing</companyname><productname>WinZip Malware Protector</productname><copyright>© 2013 WinZip International LLC. All rights reserved.</copyright></companyinfo><log logdate="Mittwoch, 23. Juli 2014" databaseversion="1890" objectscanned="284590" timeelapsed="00:23:46"><SerializableDictionaryOfStringListOfcFoundItems><Item><Key><string>adware.driverupdate</string></Key><Value><ArrayOfFI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>FilePaths</FT><V1>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\settings.db</V1><V2>0</V2><V3>0</V3><V4>919d2149977d57938a74347ca4f70d34</V4><V5>0|</V5><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\settings.db</DV><FA>FileSystem</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>FilePaths</FT><V1>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\supdates.db</V1><V2>0</V2><V3>0</V3><V4>05af32a95c8d9fe177691ab13805152a</V4><V5>0|</V5><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\supdates.db</DV><FA>FileSystem</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>FilePaths</FT><V1>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\swdumon.cat</V1><V2>0</V2><V3>0</V3><V4>57c5e5067a602bd3c931c37404e479ad</V4><V5>0|</V5><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\swdumon.cat</DV><FA>FileSystem</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>FilePaths</FT><V1>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\swdumon.inf</V1><V2>0</V2><V3>0</V3><V4>b65ddb94d2d123934de74e627ccc663c</V4><V5>0|</V5><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\swdumon.inf</DV><FA>FileSystem</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>FilePaths</FT><V1>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\swdumon.sys</V1><V2>0</V2><V3>3142663018557431264</V3><V4>64bc880edcc1e0b0ab37c6e165f71634</V4><V5>0|</V5><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\swdumon.sys</DV><FA>FileSystem</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>FilePaths</FT><V1>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\images\acer.png</V1><V2>0</V2><V3>0</V3><V4>7f82dcde9e8771dc032c21a693a8ecd1</V4><V5>0|</V5><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV>c:\users\humm\appdata\local\slimware utilities inc\driverupdate\images\acer.png</DV><FA>FileSystem</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_current_user</V1><V2>software\slimware utilities inc\driverupdate</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_current_user</V1><V2>software\slimware utilities inc\driverupdate</V2><V3>installationsessionid</V3><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>0</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_current_user</V1><V2>software\slimware utilities inc</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_current_user</V1><V2>software\slimware utilities inc</V2><V3>tbinstallationsessionid</V3><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>0</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\slimware utilities inc\driverupdate\pngs</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\slimware utilities inc\driverupdate\pngs</V2><V3>rn</V3><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>0</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\slimware utilities inc\driverupdate\registration</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\slimware utilities inc\driverupdate\registration</V2><V3>installationid</V3><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>0</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\slimware utilities inc\driverupdate</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\slimware utilities inc\driverupdate</V2><V3>installationsessionid</V3><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>0</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\slimware utilities inc\driverupdate</V2><V3>installeroverlay</V3><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>0</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\slimware utilities inc</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>226748</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\slimware utilities inc</V2><V3>machineid</V3><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>0</ID></FI><FI><C>Adware</C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\slimware utilities inc</V2><V3>tbinstallationsessionid</V3><WSS>None</WSS><PID>false</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>0</ID></FI></ArrayOfFI></Value></Item><Item><Key><string>worm-email.generic</string></Key><Value><ArrayOfFI><FI><C>Email-Worm </C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\classes\.aid</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>211519</ID></FI><FI><C>Email-Worm </C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\classes\.bil</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>211519</ID></FI><FI><C>Email-Worm </C><TL>High</TL><AP>NoActionTaken</AP><ActionToPerform>None</ActionToPerform><FT>Registry</FT><V1>hkey_local_machine</V1><V2>software\classes\.bml</V2><V3 /><WSS>None</WSS><PID>true</PID><CMP>NotPacked</CMP><DV /><FA>Registry</FA><RBT>None</RBT><ID>211519</ID></FI></ArrayOfFI></Value></Item></SerializableDictionaryOfStringListOfcFoundItems></log></info>
|
|
20.08.2014, 08:30
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 7: CPU Auslastung 100% hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
20.08.2014, 13:19
| #3 |
| | Windows 7: CPU Auslastung 100% Herzlichen Dank für die sensationell schnelle Antwort!
__________________Ich habe FRST 64-BIT heruntergeladen und den Scan gestartet. Dieser läuft nun schon seit über 3 Stunden und ich frage mich, ob das normal ist. Nach über 4h läuft der Scan immer noch mit der (flackernden) Anzeige "Getting Office Sessions errors: 5524". Ich breche den Scan nun ab. Allerdings wurden die beiden Dateien geschrieben, die ich hier anhänge: FRST.txt: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by humm (administrator) on H_DA-NB-HUMM on 20-08-2014 09:34:23
Running from C:\Users\humm\Downloads
Platform: Windows 7 Professional (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\stacsv64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
() C:\Program Files\VPN Client\dtpd.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\VPN Client\iked.exe
() C:\Program Files\VPN Client\ipsecd.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
(Broadcom Corporation) C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Dropbox, Inc.) C:\Users\humm\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\PanelHelper32.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DellControlPoint] => C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [657920 2009-11-02] (Dell Inc.)
HKLM\...\Run: [USCService] => C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [34232 2010-01-05] (Broadcom Corporation)
HKLM\...\Run: [DellConnectionManager] => C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe [1845248 2009-12-22] (Smith Micro Software, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [342528 2009-06-19] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-09] (IDT, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-02-07] (Oracle Corporation)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-21] (Sophos Limited)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-3981756314-3708649137-1025281987-1014\...\MountPoints2: {f1500e9e-408e-11e3-b11d-b6b368ae9a3c} - G:\LaunchU3.exe -a
HKU\S-1-5-21-3981756314-3708649137-1025281987-1014\...\Winlogon: [Shell] C:\Windows\explorer.exe [2870272 2011-02-26] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-3981756314-3708649137-1025281987-1014\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-3981756314-3708649137-1025281987-1014\$428af870b5871775d68b88a138f1fc34\n. ATTENTION! ====> ZeroAccess?
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-21] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-21] (Sophos Limited)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
ShortcutTarget: Dell ControlPoint System Manager.lnk -> C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Program Files (x86)\VR-NetWorld\VRToolCheckOrder.exe (VR-NetWorld Software)
Startup: C:\Users\humm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\humm\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\humm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OUTLOOK.EXE - Verknüpfung.lnk
ShortcutTarget: OUTLOOK.EXE - Verknüpfung.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: EnabledUnlockedFDEIconOverlay -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: UninitializedFdeIconOverlay -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFB835D73C2E7CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{47A1BE09-EF11-4E1C-A8C5-DACC25BC3447}: [NameServer]141.100.10.110,141.100.10.111
FireFox:
========
FF ProfilePath: C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.fbi.h-da.de/organisation/personen/humm-bernhard.html
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.0.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.0.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=1.0.5 -> C:\Program Files (x86)\VLC-Player\npvlc.dll (the VideoLAN Team)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\humm\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\humm\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\humm\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\humm\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ScrapBook - C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2013-11-23]
FF Extension: Adblock Plus - C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-03-24]
FF Extension: QuickJava - C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-06-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-04-11]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-02-23]
Chrome:
=======
CHR HomePage: hxxp://www.fbi.h-da.de/organisation/personen/humm-bernhard.html
CHR Plugin: (Shockwave Flash) - C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VLC-Player\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\humm\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-04]
CHR Extension: (Google-Suche) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-04]
CHR Extension: (AdBlock) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Google Mail) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-04]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 dcpsysmgrsvc; C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [515872 2009-12-10] (Dell Inc.)
R2 dtpd; C:\Program Files\VPN Client\dtpd.exe [50688 2009-11-15] () [File not signed]
R2 iked; C:\Program Files\VPN Client\iked.exe [948224 2009-11-15] () [File not signed]
R2 ipsecd; C:\Program Files\VPN Client\ipsecd.exe [690688 2009-11-15] () [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S4 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\my.ini [8914 2012-03-26] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-21] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-21] (Sophos Limited)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1558016 2009-11-18] (Wave Systems Corp.) [File not signed]
R2 SMManager; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [77312 2009-12-22] (Smith Micro Software, Inc.) [File not signed]
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-21] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-21] (Sophos Limited)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe [244736 2010-03-09] (IDT, Inc.)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-21] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-05-21] (Sophos Limited)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1273856 2008-11-12] () [File not signed]
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
S2 SAVCleanupService; "SAVCleanupService.exe" [X]
S2 Tomcat7; c:\xampp\tomcat\bin\tomcat7.exe //RS//Tomcat7 [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASUSVRC64; C:\Windows\System32\DRIVERS\AsusVRC64.sys [23424 2008-10-13] (ASUSTeK COMPUTER INC.)
R2 BrPar; C:\Windows\System32\drivers\BrPar64a.sys [30528 2006-11-06] (Brother Industries Ltd.)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-21] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-05-21] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-05-21] (Sophos Limited)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] () [File not signed]
S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-05-19] ()
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2010-03-05] (Acronis)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-02-26] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 NvtSp50; System32\Drivers\NvtSp50.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-20 09:34 - 2014-08-20 09:35 - 00032607 _____ () C:\Users\humm\Downloads\FRST.txt
2014-08-20 09:34 - 2014-08-20 09:34 - 00000000 ____D () C:\FRST
2014-08-20 09:33 - 2014-08-20 09:33 - 02101760 _____ (Farbar) C:\Users\humm\Downloads\FRST64.exe
2014-08-19 17:06 - 2014-08-19 17:06 - 00001719 _____ () C:\Users\humm\Downloads\Terminplan_SS14_IHU.ics
2014-08-18 10:11 - 2014-08-18 10:11 - 00001364 _____ () C:\Users\humm\Downloads\cacert.crt
2014-08-17 20:12 - 2014-08-07 03:52 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-17 20:12 - 2014-08-07 03:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 17:08 - 2014-08-07 17:08 - 00000688 _____ () C:\Users\humm\Downloads\TerminExport_140028468tuw133.ics
2014-08-07 13:38 - 2014-08-07 13:38 - 00292880 _____ () C:\Windows\Minidump\080714-30872-01.dmp
2014-08-05 12:04 - 2014-08-05 12:04 - 00003146 _____ () C:\Windows\System32\Tasks\{7316B325-C691-4BA3-A54E-F0B70D944370}
2014-08-05 12:01 - 2014-08-05 12:01 - 00001048 _____ () C:\Users\Public\Desktop\VR-NetWorld.lnk
2014-08-05 11:58 - 2014-08-05 11:59 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\humm\Downloads\VRNetWorldSW_51311.exe
2014-07-25 16:07 - 2014-07-25 16:07 - 00000682 _____ () C:\Users\humm\Downloads\TerminExport_138558299snv133.ics
2014-07-23 20:04 - 2014-08-18 13:09 - 00009902 _____ () C:\Users\humm\Desktop\log.xml
2014-07-23 19:40 - 2014-07-23 19:40 - 00000000 ____D () C:\Users\humm\AppData\Local\Systweak
2014-07-23 19:38 - 2014-08-20 09:11 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-07-23 19:38 - 2014-07-23 19:38 - 00001199 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-07-23 19:38 - 2014-07-23 19:38 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Nico Mak Computing
2014-07-23 19:38 - 2014-07-23 19:38 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-07-23 19:38 - 2014-07-23 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-07-23 19:38 - 2014-07-23 19:38 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-07-23 19:38 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-07-23 19:35 - 2014-07-23 19:35 - 04892480 _____ (WinZip International LLC ) C:\Users\humm\Downloads\wzmp_8.exe
2014-07-23 10:10 - 2014-07-23 10:10 - 00030482 _____ () C:\Users\humm\Downloads\basic.ics
2014-07-23 10:10 - 2014-07-23 10:10 - 00030482 _____ () C:\Users\humm\Downloads\basic (1).ics
2014-07-22 12:09 - 2014-07-22 12:09 - 00000631 _____ () C:\Users\humm\Downloads\Humm_SS14_ProjektSystementwicklungII_414804_Pruefungsnoten.csv
2014-07-22 12:07 - 2014-07-22 12:07 - 00000591 ____R () C:\Users\humm\Downloads\Humm_SS14_ProjektSystementwicklungI_414802_Pruefungsnoten.csv
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-20 09:35 - 2014-08-20 09:34 - 00032607 _____ () C:\Users\humm\Downloads\FRST.txt
2014-08-20 09:34 - 2014-08-20 09:34 - 00000000 ____D () C:\FRST
2014-08-20 09:33 - 2014-08-20 09:33 - 02101760 _____ (Farbar) C:\Users\humm\Downloads\FRST64.exe
2014-08-20 09:18 - 2011-11-25 16:09 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014UA.job
2014-08-20 09:18 - 2011-11-25 16:09 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014Core.job
2014-08-20 09:13 - 2010-04-05 05:22 - 01380347 _____ () C:\Windows\WindowsUpdate.log
2014-08-20 09:11 - 2014-07-23 19:38 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-08-20 09:11 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-20 09:11 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-20 09:05 - 2011-02-07 13:26 - 00000000 ___RD () C:\Users\humm\Dropbox
2014-08-20 09:05 - 2011-02-07 13:24 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Dropbox
2014-08-20 09:05 - 2010-04-05 16:03 - 00000000 ____D () C:\Users\humm\AppData\Local\TSVNCache
2014-08-20 09:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-20 09:03 - 2013-07-03 07:27 - 00023875 _____ () C:\Windows\setupact.log
2014-08-19 20:56 - 2010-04-05 22:48 - 00000000 ____D () C:\Users\humm\.freemind
2014-08-19 17:06 - 2014-08-19 17:06 - 00001719 _____ () C:\Users\humm\Downloads\Terminplan_SS14_IHU.ics
2014-08-19 12:14 - 2010-04-06 18:28 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Skype
2014-08-18 15:44 - 2010-04-06 18:27 - 00000000 ____D () C:\ProgramData\Skype
2014-08-18 13:09 - 2014-07-23 20:04 - 00009902 _____ () C:\Users\humm\Desktop\log.xml
2014-08-18 12:22 - 2010-03-04 18:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-18 12:21 - 2013-08-07 19:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-18 12:16 - 2010-03-04 09:52 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-18 12:14 - 2014-07-09 19:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-18 10:11 - 2014-08-18 10:11 - 00001364 _____ () C:\Users\humm\Downloads\cacert.crt
2014-08-17 20:00 - 2014-05-27 10:14 - 00001026 _____ () C:\Users\humm\Desktop\Dropbox.lnk
2014-08-17 20:00 - 2011-02-07 13:24 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-07 17:08 - 2014-08-07 17:08 - 00000688 _____ () C:\Users\humm\Downloads\TerminExport_140028468tuw133.ics
2014-08-07 13:38 - 2014-08-07 13:38 - 00292880 _____ () C:\Windows\Minidump\080714-30872-01.dmp
2014-08-07 13:38 - 2010-10-27 15:33 - 00000000 ____D () C:\Windows\Minidump
2014-08-07 03:52 - 2014-08-17 20:12 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:46 - 2014-08-17 20:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 12:24 - 2009-07-14 12:57 - 00727876 _____ () C:\Windows\system32\perfh007.dat
2014-08-05 12:24 - 2009-07-14 12:57 - 00157592 _____ () C:\Windows\system32\perfc007.dat
2014-08-05 12:24 - 2009-07-14 07:13 - 01699050 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-05 12:04 - 2014-08-05 12:04 - 00003146 _____ () C:\Windows\System32\Tasks\{7316B325-C691-4BA3-A54E-F0B70D944370}
2014-08-05 12:02 - 2010-04-28 17:38 - 00000000 ____D () C:\Program Files (x86)\VR-NetWorld
2014-08-05 12:01 - 2014-08-05 12:01 - 00001048 _____ () C:\Users\Public\Desktop\VR-NetWorld.lnk
2014-08-05 11:59 - 2014-08-05 11:58 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\humm\Downloads\VRNetWorldSW_51311.exe
2014-08-05 09:20 - 2010-03-04 09:42 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 22:23 - 2013-08-14 15:46 - 00000000 _____ () C:\Windows\system32\vireng.log
2014-07-26 15:19 - 2014-07-18 19:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-25 16:07 - 2014-07-25 16:07 - 00000682 _____ () C:\Users\humm\Downloads\TerminExport_138558299snv133.ics
2014-07-25 08:52 - 2011-08-23 17:48 - 00000000 ____D () C:\Windows\pss
2014-07-25 08:38 - 2012-05-11 22:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 08:38 - 2012-05-11 22:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 19:07 - 2012-05-11 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 19:40 - 2014-07-23 19:40 - 00000000 ____D () C:\Users\humm\AppData\Local\Systweak
2014-07-23 19:38 - 2014-07-23 19:38 - 00001199 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-07-23 19:38 - 2014-07-23 19:38 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Nico Mak Computing
2014-07-23 19:38 - 2014-07-23 19:38 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-07-23 19:38 - 2014-07-23 19:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-07-23 19:38 - 2014-07-23 19:38 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-07-23 19:35 - 2014-07-23 19:35 - 04892480 _____ (WinZip International LLC ) C:\Users\humm\Downloads\wzmp_8.exe
2014-07-23 10:10 - 2014-07-23 10:10 - 00030482 _____ () C:\Users\humm\Downloads\basic.ics
2014-07-23 10:10 - 2014-07-23 10:10 - 00030482 _____ () C:\Users\humm\Downloads\basic (1).ics
2014-07-22 19:32 - 2014-07-07 13:41 - 00000000 ____D () C:\AdwCleaner
2014-07-22 15:09 - 2013-09-09 14:32 - 00011648 _____ () C:\Windows\PFRO.log
2014-07-22 12:09 - 2014-07-22 12:09 - 00000631 _____ () C:\Users\humm\Downloads\Humm_SS14_ProjektSystementwicklungII_414804_Pruefungsnoten.csv
2014-07-22 12:07 - 2014-07-22 12:07 - 00000591 ____R () C:\Users\humm\Downloads\Humm_SS14_ProjektSystementwicklungI_414802_Pruefungsnoten.csv
Files to move or delete:
====================
C:\Users\humm\AppData\Roaming\skype.ini
Some content of TEMP:
====================
C:\Users\humm\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9lcvlq.dll
C:\Users\humm\AppData\Local\Temp\Execute2App.exe
C:\Users\humm\AppData\Local\Temp\msvcp90.dll
C:\Users\humm\AppData\Local\Temp\msvcr90.dll
C:\Users\humm\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by humm at 2014-08-20 09:35:58
Running from C:\Users\humm\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Anti-Virus (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.10 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0910-000001000000}) (Version: 9.10.00.0 - Igor Pavlov)
Acronis*True*Image*Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.6053 - Acronis)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Allegro CL 9.0 Free Express Edition Express (HKLM-x32\...\Allegro CL 9.0 Free Express Edition Express) (Version: - )
ASUS U3100MINI PLUS V2 (HKLM-x32\...\TVRTLDrv) (Version: - )
ATMinInstall64 (Version: 7.10.0.1129 - AuthenTec) Hidden
AutoHotkey 1.1.03.00 (HKLM-x32\...\AutoHotkey) (Version: 1.1.03.00 - AutoHotkey Community)
BioAPI Framework (Version: 1.0.1 - Dell Inc.) Hidden
Brother HL-3040CN (HKLM-x32\...\{6F7A1B18-5EB3-4827-8644-19BD1277B9B8}) (Version: 1.00 - Brother)
BS64MMWrapper (Version: 1.6.453.66 - Broadcom Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.7.1893 - CDBurnerXP)
Cisco WebEx Meeting Center für Firefox oder Chrome (HKLM-x32\...\{50B62367-6210-45E4-AA1E-A0532926E429}) (Version: 8.29.3201 - Cisco WebEx LLC)
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citavi (HKLM-x32\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.1.15.0 - Swiss Academic Software)
Citrix Presentation Server Client - Web Only (HKLM-x32\...\{C49067A8-8212-4A82-A4D9-1519701644F0}) (Version: 10.100.55836 - Citrix Systems, Inc.)
DCP64MMWrapper (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
Dell Control Point 64 (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Dell ControlPoint Connection Manager 64 (HKLM\...\{CE964618-AED2-4304-AC75-2EF8D0B47ECC}) (Version: 1.4.0 - Ihr Firmenname)
Dell ControlPoint Security Manager (HKLM-x32\...\{F4487649-7368-4217-AEA3-1E04DB3E2C5C}) (Version: 1.6.453.66 - Dell Inc.)
Dell ControlPoint System Manager (HKLM\...\{87EBE6AA-E4AA-4F3B-975C-72575C660BE7}) (Version: 1.4.00000 - Dell Inc.)
Dell ControlVault Host Components Installer 64Bit (Version: 1.7.450.290 - Broadcom Corporation) Hidden
Dell Embassy Trust Suite by Wave Systems (Version: 02.05.00.058 - Wave Systems Corp) Hidden
Dell Security Device Driver Pack (HKLM-x32\...\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}) (Version: 1.4.050 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.102.101.230 - ALPS ELECTRIC CO., LTD.)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen)
EMBASSY Security Center Lite (Version: 04.01.00.029 - Ihr Firmenname) Hidden
EMBASSY Security Center Lite (x32 Version: - ) Hidden
EMBASSY Security Setup (Version: 04.01.00.028 - Ihr Firmenname) Hidden
EMBASSY Security Setup (x32 Version: - ) Hidden
ESC Home Page Plugin (Version: 04.01.00.004 - Ihr Firmenname) Hidden
ESC Home Page Plugin (x32 Version: - ) Hidden
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.2.6 - Telerik)
FileZilla Client 3.3.2 (HKLM-x32\...\FileZilla Client) (Version: 3.3.2 - )
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Gemalto (Version: 01.64.00.0010 - Wave Systems Corp) Hidden
Ghost Control 3.0.6 (HKLM-x32\...\Ghost Control_is1) (Version: - N.R.S.)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4286E640-B5FB-11DF-AC4B-005056C00008}) (Version: 5.2.1.1588 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript 8.71 (HKLM-x32\...\GPL Ghostscript 8.71) (Version: - )
Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB944899) (Version: 1 - Microsoft Corporation)
Integrated Webcam Driver (1.03.02.0919) (HKLM\...\Creative OA001) (Version: - )
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.1 - Intel)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418000FF}) (Version: 8.0.0 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.00.129 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
Java(TM) 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.350 - Oracle)
Java(TM) SE Development Kit 6 Update 26 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160260}) (Version: 1.6.0.260 - Oracle)
Java(TM) SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
JavaFX(TM) 1.2 SDK (HKLM-x32\...\{5aa47dba-b584-4d47-a626-76e53f010203}) (Version: 1.2.3 - Sun Microsystems, Inc.)
JetBrains PyCharm 2.7.3 (HKLM-x32\...\PyCharm 2.7.3) (Version: 129.782 - JetBrains s.r.o.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MCE Software Encoder 1.1 (HKLM-x32\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.2323 - CyberLink Corporation)
Media Player Classic - Home Cinema v. 1.3.1249.0 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: - ) <==== ATTENTION
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Standard 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Visio MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Project Standard 2010 (HKLM-x32\...\Office14.PRJSTD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu (HKLM\...\{DE2C9D5F-C55C-30E8-9322-2B8E8B5DF87C}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
MiKTeX 2.8 (HKLM-x32\...\MiKTeX 2.8) (Version: 2.8 - MiKTeX.org)
Mindjet MindManager Viewer 7 (HKLM-x32\...\{8E55813F-2FA3-47E8-9AF9-31DC0B4AE3ED}) (Version: 7.1.394 - Mindjet LLC)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Server 5.1 (HKLM\...\{DE35700E-4D3C-41A5-8BF0-44A5FDE4A6C5}) (Version: 5.1.59 - MySQL AB)
NetBeans IDE 7.4 (HKLM\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
NetBeans IDE 8.0 Beta (HKLM\...\nbi-nb-base-8.0.0.0.201401141042) (Version: 8.0 Beta - NetBeans.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.6 - )
NTRU TCG Software Stack (Version: 2.1.29 - NTRU Cryptosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.54.32 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\nView Desktop Manager) (Version: - )
OpenOffice.org 3.2 (HKLM-x32\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.212.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Preboot Manager (Version: 03.01.00.036 - Wave Systems Corp.) Hidden
Python 3.3.2 (64-bit) (HKLM\...\{9fa9a2a6-19e4-381a-8af3-f8cf12f0dcf0}) (Version: 3.3.2150 - Python Software Foundation)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Schriftart Hochschule Darmstadt (HKLM-x32\...\{F269C6FD-4675-40D5-85C1-27D5DB39B4CC}) (Version: 1.0 - Default Manufacturer)
Service Pack 1 für SQL Server 2008 (KB 968369) (HKLM-x32\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Slik Subversion 1.8.5 (x64) (HKLM\...\{F69D8404-BCB7-43E4-ACA5-B5D26A2A7C53}) (Version: 1.8.5.0 - SlikSvn & The SharpSvn Project)
SO64MMWrapper (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.1.18 - Sophos Limited)
Sql Server Customer Experience Improvement Program (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
StarUML 5.0.2.1570 (HKLM-x32\...\StarUML_is1) (Version: - Plastic Software, Inc.)
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.1.10408 - TeamViewer GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
TeXnicCenter Version 1.0 Stable RC1 (HKLM-x32\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
tools-linux (x32 Version: 9.2.3.1031769 - VMware, Inc.) Hidden
TortoiseSVN 1.8.4.24972 (64 bit) (HKLM\...\{A2EFDE01-96B3-4E55-8834-81617ED6BCBE}) (Version: 1.8.24972 - TortoiseSVN)
TreeSize Free V2.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.5 - JAM Software)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1 - TrueCrypt Foundation)
Trusted Drive Manager (Version: 3.3.0.396 - Wave Systems Corp.) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM-x32\...\{877B3198-1C6B-4A9A-8D28-BE4F6040987F}) (Version: 10.1.2531.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJSTD_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJSTD_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJSTD_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
UPEK TouchChip Fingerprint Reader (Version: 1.2.0 - Dell Inc.) Hidden
UTAX TA Product Library (HKLM\...\UTAX TA Product Library) (Version: 2.0.0713 - Kyocera Mita Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.2 - VMware, Inc)
VMware Player (Version: 5.0.2 - VMware, Inc.) Hidden
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version: - )
Wave Infrastructure Installer (Version: 07.65.19.0000 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.11.00.033 - Ihr Firmenname) Hidden
Wave Support Software (x32 Version: - ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live ID-Anmelde-Assistent (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)
WordNet 2.1 (HKLM-x32\...\{58582B88-0260-4C80-9A89-8CA0923AFD26}) (Version: 2.1 - Princeton University Cognitive Science Laboratory)
XAMPP 1.8.1 (HKLM-x32\...\xampp) (Version: - )
XMind 2013 (v3.4.0) (HKLM-x32\...\XMind_is1) (Version: 3.4.0.201311050558 - XMind Ltd.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 -> C:\$Recycle.Bin ()
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1E34E4DC-A454-49A1-B3E1-1E637A3474EA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014UA => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25] (Google Inc.)
Task: {3F976CE4-699A-4CF8-813C-52E9E825B642} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {5B58430D-2312-481C-A0F1-F226F66EA39A} - System32\Tasks\{DFFDEF7C-2F48-44F9-A85A-1FE5BACC5739} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {814EF0A8-9A18-43A6-A97C-488EFC174306} - System32\Tasks\{090F2998-D097-4CD3-8A97-C89AE5E59AB6} => E:\DELL-Install\2-Diverses\03-CD-Burner\CD Burner XP 4.2.7.1801.exe
Task: {95A41ECC-313A-4987-B4A7-F7639DF8D847} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {CCDA4829-88A0-4922-B351-398B587DADB1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014Core => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25] (Google Inc.)
Task: {FEEA4BB5-EC4C-4F7C-B062-03D9D568AE84} - System32\Tasks\{F4C90DB0-FA16-49E5-B41C-2C1B077F9F21} => E:\setup.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014Core.job => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014UA.job => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2009-09-21 16:04 - 2009-09-21 16:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-04-20 17:13 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2009-11-15 20:31 - 2009-11-15 20:31 - 00050688 _____ () C:\Program Files\VPN Client\dtpd.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00026624 _____ () C:\Program Files\VPN Client\libidb.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00013312 _____ () C:\Program Files\VPN Client\liblog.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00017920 _____ () C:\Program Files\VPN Client\libith.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00119296 _____ () C:\Program Files\VPN Client\libip.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034816 _____ () C:\Program Files\VPN Client\libvflt.dll
2009-11-15 20:25 - 2009-11-15 20:25 - 00019456 _____ () C:\Program Files\VPN Client\libdtp.dll
2009-11-15 20:28 - 2009-11-15 20:28 - 00948224 _____ () C:\Program Files\VPN Client\iked.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00030720 _____ () C:\Program Files\VPN Client\libpfk.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034304 _____ () C:\Program Files\VPN Client\libvnet.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00028160 _____ () C:\Program Files\VPN Client\libike.dll
2009-11-15 20:26 - 2009-11-15 20:26 - 00690688 _____ () C:\Program Files\VPN Client\ipsecd.exe
2010-03-04 10:12 - 2009-11-12 14:48 - 00071096 _____ () C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-11-24 14:37 - 2013-11-24 14:37 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2013-11-24 14:36 - 2013-11-24 14:36 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2009-11-25 01:36 - 2009-11-25 01:36 - 00125440 _____ () C:\Program Files (x86)\Notepad++\NppShell_01.dll
2009-11-13 09:32 - 2009-11-13 09:32 - 00013824 _____ () C:\Windows\system32\Wavx_ESC_Logging.dll
2008-11-12 14:29 - 2008-11-12 14:29 - 00004608 _____ () C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_DEU.dll
2009-12-22 12:21 - 2009-12-22 12:21 - 00128512 _____ () C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMBIOSController.dll
2014-08-20 09:05 - 2014-08-20 09:05 - 00043008 _____ () c:\users\humm\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9lcvlq.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\humm\AppData\Roaming\Dropbox\bin\libcef.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2010-10-25 15:13 - 2010-10-25 15:13 - 02893216 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2010-10-25 15:15 - 2010-10-25 15:15 - 01445888 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2013-11-24 13:48 - 2013-11-24 13:48 - 00065264 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2013-11-24 13:48 - 2013-11-24 13:48 - 00071408 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2009-09-14 02:06 - 2009-09-14 02:06 - 00204800 _____ () C:\Program Files (x86)\Notepad++\plugins\ComparePlugin.dll
2008-09-06 14:51 - 2008-09-06 14:51 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2007-08-05 03:10 - 2007-08-05 03:10 - 00250368 _____ () C:\Program Files (x86)\Notepad++\plugins\Config\tidy\libTidy.dll
2010-02-21 18:33 - 2010-02-21 18:33 - 00094208 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 00718152 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 00126280 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 08537928 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 00353096 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 01732936 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2010-10-25 15:15 - 2010-10-25 15:15 - 00105984 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TdmNotify.lnk => C:\Windows\pss\TdmNotify.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\Windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VR-NetWorld Auftragsprüfung.lnk => C:\Windows\pss\VR-NetWorld Auftragsprüfung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^humm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BrStsWnd => C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_Plugin.exe -update plugin
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files (x86)\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: Ghost Control => "C:\Program Files (x86)\Ghost Control\ghost.exe" -startup
MSCONFIG\startupreg: Google Update => "C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: VMware hqtray => "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
==================== Faulty Device Manager Devices =============
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/07/2014 00:51:53 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/06/2014 11:43:20 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (08/05/2014 10:45:31 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/25/2014 08:42:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x69737265
ID des fehlerhaften Prozesses: 0xe68
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3
Error: (07/21/2014 08:50:10 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (07/18/2014 07:29:26 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (07/18/2014 07:29:26 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (07/18/2014 07:29:26 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (07/18/2014 05:31:16 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (07/18/2014 10:22:26 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
System errors:
=============
Error: (08/20/2014 09:04:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apache Tomcat Tomcat7" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/20/2014 09:04:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%0
Error: (08/20/2014 09:03:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Sophos Cleanup Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/18/2014 02:30:37 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (08/18/2014 01:02:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apache Tomcat Tomcat7" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/18/2014 01:02:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%0
Error: (08/18/2014 01:02:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Sophos Cleanup Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/18/2014 00:19:18 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (08/17/2014 08:13:18 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (08/07/2014 01:40:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {A677570A-2BA2-4E9A-B2E2-8A02CD8B4FD3}
Microsoft Office Sessions:
=========================
Error: (02/24/2014 02:19:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 12741 seconds with 960 seconds of active time. This session ended with a crash.
|
|
21.08.2014, 10:53
| #4 |
| /// the machine /// TB-Ausbilder | Windows 7: CPU Auslastung 100% hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.08.2014, 10:14
| #5 |
| | Windows 7: CPU Auslastung 100% Hallo, ich habe den Scan mit Combofix durchgeführt. Zwischendurch habe ich dutzendemale die Fehlermeldung erhalten "Die Datei NIRCMD kann nicht gefunden werden". Allerdings hatte ich zu Beginn leider nicht alle Sophos-Prozesse gestoppt. Das habe ich während des Combofix-Scans nachgeholt. Daher evt. das Problem. Hier das Log: Combofix Logfile: Code:
ATTFilter ComboFix 14-08-21.01 - humm 22.08.2014 10:44:36.1.2 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1252.49.1031.18.8180.6175 [GMT 2:00]
ausgeführt von:: c:\users\humm\Desktop\ComboFix.exe
AV: Sophos Anti-Virus *Enabled/Updated* {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
SP: Sophos Anti-Virus *Enabled/Updated* {D0CA1913-188C-B293-ABD7-B72CB1814094}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\humm\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9lcvlq.dll
c:\users\humm\AppData\Roaming\skype.ini
c:\windows\SysWow64\test
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-07-22 bis 2014-08-22 ))))))))))))))))))))))))))))))
.
.
2014-08-22 08:57 . 2014-08-22 08:57 -------- d-----w- c:\users\Gast\AppData\Local\temp
2014-08-22 08:57 . 2014-08-22 08:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-22 08:38 . 2014-08-22 08:39 -------- d-----w- C:\32788R22FWJFW
2014-08-20 07:34 . 2014-08-20 07:34 -------- d-----w- C:\FRST
2014-08-18 13:45 . 2014-08-18 13:45 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-08-17 18:12 . 2014-08-07 01:52 526848 ----a-w- c:\windows\system32\aepdu.dll
2014-08-17 18:12 . 2014-08-07 01:46 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-07-23 17:40 . 2014-07-23 17:40 -------- d-----w- c:\users\humm\AppData\Local\Systweak
2014-07-23 17:38 . 2014-07-23 17:38 -------- d-----w- c:\users\humm\AppData\Roaming\Nico Mak Computing
2014-07-23 17:38 . 2014-07-23 17:38 -------- d-----w- c:\programdata\Nico Mak Computing
2014-07-23 17:38 . 2014-07-23 17:38 -------- d-----w- c:\program files (x86)\WinZip Malware Protector
2014-07-23 17:38 . 2013-03-15 15:10 20480 ----a-w- c:\windows\system32\wsusnative64.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-21 05:44 . 2014-06-03 13:15 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-08-21 03:43 . 2014-08-22 07:58 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7788F896-8086-4B6B-9E8F-BCB6486EB433}\mpengine.dll
2014-08-18 10:16 . 2010-03-04 07:52 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-05 07:20 . 2010-03-04 07:42 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-26 13:19 . 2014-07-18 17:03 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-20 14:59 . 2014-07-20 15:08 1354223 ----a-w- c:\program files (x86)\adwcleaner_3.216.exe
2014-06-15 19:53 . 2014-06-15 19:53 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-06-10 08:46 . 2013-04-11 10:57 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-10 08:46 . 2013-04-11 10:57 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\humm\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\humm\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\humm\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\humm\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-02-07 224128]
"Sophos AutoUpdate Monitor"="c:\program files (x86)\Sophos\AutoUpdate\almon.exe" [2014-05-21 1617704]
.
c:\users\humm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\humm\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-8-15 36414752]
OUTLOOK.EXE - Verknüpfung.lnk - c:\program files (x86)\Microsoft Office\Office12\OUTLOOK.EXE [2014-1-29 13018808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-12-10 1416480]
VR-NetWorld Auftragsprüfung.lnk - c:\program files (x86)\VR-NetWorld\VRToolCheckOrder.exe /autostart [2010-4-28 1137664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]
@="service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SAVCleanupService;Sophos Cleanup Service;SAVCleanupService.exe;SAVCleanupService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 swi_update_64;Sophos Web Intelligence Update;c:\programdata\Sophos\Web Intelligence\swi_update_64.exe;c:\programdata\Sophos\Web Intelligence\swi_update_64.exe [x]
R2 Tomcat7;Apache Tomcat Tomcat7;c:\xampp\tomcat\bin\tomcat7.exe;c:\xampp\tomcat\bin\tomcat7.exe [x]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
R3 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
R3 ASUSVRC64;ASUSTeK Virtual Capture Device;c:\windows\system32\DRIVERS\AsusVRC64.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVRC64.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
R3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NvtSp50.sys;c:\windows\SYSNATIVE\Drivers\NvtSp50.sys [x]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys;c:\windows\SYSNATIVE\drivers\RTL2832UBDA.sys [x]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys;c:\windows\SYSNATIVE\Drivers\RTL2832UUSB.sys [x]
R3 sdcfilter;sdcfilter;c:\windows\system32\DRIVERS\sdcfilter.sys;c:\windows\SYSNATIVE\DRIVERS\sdcfilter.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys;c:\windows\SYSNATIVE\DRIVERS\virtualnet.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys;c:\windows\SYSNATIVE\DRIVERS\SophosBootDriver.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [x]
R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm258.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys;c:\windows\SYSNATIVE\DRIVERS\savonaccess.sys [x]
S1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys;c:\windows\SYSNATIVE\DRIVERS\vfilter.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [x]
S2 buttonsvc64;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [x]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [x]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [x]
S2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [x]
S2 dtpd;ShrewSoft DNS Proxy Daemon;c:\program files\VPN Client\dtpd.exe;c:\program files\VPN Client\dtpd.exe [x]
S2 iked;ShrewSoft IKE Daemon;c:\program files\VPN Client\iked.exe;c:\program files\VPN Client\iked.exe [x]
S2 ipsecd;ShrewSoft IPSEC Daemon;c:\program files\VPN Client\ipsecd.exe;c:\program files\VPN Client\ipsecd.exe [x]
S2 SAVAdminService;Sophos Anti-Virus Statusreporter;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [x]
S2 SAVService;Sophos Anti-Virus;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [x]
S2 SMManager;Smith Micro Connection Manager Service;c:\program files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe;c:\program files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [x]
S2 Sophos Web Control Service;Sophos Web Control Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [x]
S2 swi_service;Sophos Web Intelligence Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys;c:\windows\SYSNATIVE\Drivers\cvusbdrv.sys [x]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y62x64.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys;c:\windows\SYSNATIVE\DRIVERS\OA001Ufd.sys [x]
S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys;c:\windows\SYSNATIVE\DRIVERS\OA001Vid.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014Core.job
- c:\users\humm\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25 14:09]
.
2014-08-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014UA.job
- c:\users\humm\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25 14:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2009-11-24 15:02 60784 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2009-11-24 15:02 60784 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-11-02 657920]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-01-05 34232]
"DellConnectionManager"="c:\program files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe" [2009-12-22 1845248]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-19 342528]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-12-14 16336488]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-09 487424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
mWindow Title = Microsoft Internet Explorer
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\programdata\Sophos\Web Intelligence\swi_ifslsp.dll
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{47A1BE09-EF11-4E1C-A8C5-DACC25BC3447}: NameServer = 141.100.10.110,141.100.10.111
FF - ProfilePath - c:\users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.fbi.h-da.de/organisation/personen/humm-bernhard.html
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-xampp - c:\xampp\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3b,1f,a6,2e,18,e9,b3,4b,be,b8,a8,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3b,1f,a6,2e,18,e9,b3,4b,be,b8,a8,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\program files (x86)\Sophos\AutoUpdate\ALsvc.exe
c:\users\humm\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files\Dell\Dell ControlPoint\System Manager\PanelHelper32.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-08-22 11:09:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-08-22 09:09
.
Vor Suchlauf: 16 Verzeichnis(se), 13.442.785.280 Bytes frei
Nach Suchlauf: 4.465.819.648 Bytes frei
.
- - End Of File - - 1A7AAE93413AEC6007E7E60D256DEE9A
A36C5E4F47E84449FF07ED3517B43A31 [/CODE] |
|
22.08.2014, 22:35
| #6 |
| /// the machine /// TB-Ausbilder | Windows 7: CPU Auslastung 100% Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Windows 7: CPU Auslastung 100% |
|
25.08.2014, 10:33
| #7 |
| | Windows 7: CPU Auslastung 100% Herzlichen Dank! Das sieht schon recht gut aus. Anbei die Log Files. mbam.txt Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 25.08.2014 Suchlauf-Zeit: 10:30:07 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.25.02 Rootkit Datenbank: v2014.08.21.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 CPU: x64 Dateisystem: NTFS Benutzer: humm Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 384538 Verstrichene Zeit: 12 Min, 22 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.308 - Bericht erstellt am 25/08/2014 um 11:00:34
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Professional (64 bits)
# Benutzername : humm - H_DA-NB-HUMM
# Gestartet von : C:\Users\humm\Downloads\adwcleaner_3.308.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\humm\AppData\Local\Systweak
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
***** [ Browser ] *****
-\\ Internet Explorer v9.0.8112.16476
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\5t2ex3d0.default\prefs.js ]
[ Datei : C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default\prefs.js ]
-\\ Google Chrome v
[ Datei : C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [5980 octets] - [07/07/2014 13:41:34]
AdwCleaner[R1].txt - [1197 octets] - [20/07/2014 16:59:49]
AdwCleaner[R2].txt - [1248 octets] - [20/07/2014 17:05:01]
AdwCleaner[R3].txt - [1309 octets] - [22/07/2014 19:31:32]
AdwCleaner[R4].txt - [1871 octets] - [25/08/2014 10:56:29]
AdwCleaner[S0].txt - [5745 octets] - [07/07/2014 13:45:51]
AdwCleaner[S1].txt - [1259 octets] - [20/07/2014 17:01:38]
AdwCleaner[S2].txt - [1784 octets] - [25/08/2014 11:00:34]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1844 octets] ##########
JRT.txt JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by humm on 25.08.2014 at 11:12:41,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\humm\AppData\Roaming\mozilla\firefox\profiles\0yhqvda4.default\minidumps [43 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.08.2014 at 11:19:04,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03
Ran by humm (administrator) on H_DA-NB-HUMM on 25-08-2014 11:22:29
Running from C:\Users\humm\Downloads
Platform: Windows 7 Professional (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\stacsv64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
() C:\Program Files\VPN Client\dtpd.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\VPN Client\iked.exe
() C:\Program Files\VPN Client\ipsecd.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
(Broadcom Corporation) C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Dropbox, Inc.) C:\Users\humm\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\PanelHelper32.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DellControlPoint] => C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [657920 2009-11-02] (Dell Inc.)
HKLM\...\Run: [USCService] => C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [34232 2010-01-05] (Broadcom Corporation)
HKLM\...\Run: [DellConnectionManager] => C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe [1845248 2009-12-22] (Smith Micro Software, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [342528 2009-06-19] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-09] (IDT, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-02-07] (Oracle Corporation)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-21] (Sophos Limited)
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-21] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-21] (Sophos Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
ShortcutTarget: Dell ControlPoint System Manager.lnk -> C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Program Files (x86)\VR-NetWorld\VRToolCheckOrder.exe (VR-NetWorld Software)
Startup: C:\Users\humm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\humm\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\humm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OUTLOOK.EXE - Verknüpfung.lnk
ShortcutTarget: OUTLOOK.EXE - Verknüpfung.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: EnabledUnlockedFDEIconOverlay -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: UninitializedFdeIconOverlay -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFB835D73C2E7CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{47A1BE09-EF11-4E1C-A8C5-DACC25BC3447}: [NameServer] 141.100.10.110,141.100.10.111
FireFox:
========
FF ProfilePath: C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.fbi.h-da.de/organisation/personen/humm-bernhard.html
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.0.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.0.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=1.0.5 -> C:\Program Files (x86)\VLC-Player\npvlc.dll (the VideoLAN Team)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\humm\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\humm\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\humm\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\humm\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ScrapBook - C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2013-11-23]
FF Extension: Adblock Plus - C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-03-24]
FF Extension: QuickJava - C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-06-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-04-11]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-02-23]
Chrome:
=======
CHR HomePage: hxxp://www.fbi.h-da.de/organisation/personen/humm-bernhard.html
CHR Plugin: (Shockwave Flash) - C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VLC-Player\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\humm\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-04]
CHR Extension: (Google-Suche) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-04]
CHR Extension: (SearchBar) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjefgkhmchopegjeicnblodnidbammed [2014-08-20]
CHR Extension: (AdBlock) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-07]
CHR Extension: (NetBeans Connector) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2014-08-22]
CHR Extension: (Google Wallet) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Google Mail) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-04]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 dcpsysmgrsvc; C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [515872 2009-12-10] (Dell Inc.)
R2 dtpd; C:\Program Files\VPN Client\dtpd.exe [50688 2009-11-15] () [File not signed]
R2 iked; C:\Program Files\VPN Client\iked.exe [948224 2009-11-15] () [File not signed]
R2 ipsecd; C:\Program Files\VPN Client\ipsecd.exe [690688 2009-11-15] () [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S4 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\my.ini [8914 2012-03-26] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-21] (Sophos Limited)
S2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-21] (Sophos Limited)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1558016 2009-11-18] (Wave Systems Corp.) [File not signed]
R2 SMManager; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [77312 2009-12-22] (Smith Micro Software, Inc.) [File not signed]
S2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-21] (Sophos Limited)
S2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-21] (Sophos Limited)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe [244736 2010-03-09] (IDT, Inc.)
S2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-21] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-05-21] (Sophos Limited)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1273856 2008-11-12] () [File not signed]
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
S2 SAVCleanupService; "SAVCleanupService.exe" [X]
S2 Tomcat7; c:\xampp\tomcat\bin\tomcat7.exe //RS//Tomcat7 [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASUSVRC64; C:\Windows\System32\DRIVERS\AsusVRC64.sys [23424 2008-10-13] (ASUSTeK COMPUTER INC.)
R2 BrPar; C:\Windows\System32\drivers\BrPar64a.sys [30528 2006-11-06] (Brother Industries Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-25] (Malwarebytes Corporation)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-21] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-05-21] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-05-21] (Sophos Limited)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] () [File not signed]
S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-05-19] ()
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2010-03-05] (Acronis)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-02-26] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NvtSp50; System32\Drivers\NvtSp50.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-25 11:21 - 2014-08-25 11:21 - 00000000 ____D () C:\Users\humm\Downloads\FRST-OlderVersion
2014-08-25 11:19 - 2014-08-25 11:19 - 00000755 _____ () C:\Users\humm\Desktop\JRT.txt
2014-08-25 11:12 - 2014-08-25 11:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 11:11 - 2014-08-25 11:11 - 01016261 _____ (Thisisu) C:\Users\humm\Downloads\JRT.exe
2014-08-25 11:07 - 2014-08-25 11:07 - 00001932 _____ () C:\Users\humm\Desktop\AdwCleaner[S2].txt
2014-08-25 10:53 - 2014-08-25 10:53 - 01364531 _____ () C:\Users\humm\Downloads\adwcleaner_3.308.exe
2014-08-25 10:52 - 2014-08-25 10:52 - 00001140 _____ () C:\Users\humm\Desktop\mbam.txt
2014-08-25 10:29 - 2014-08-25 10:29 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-25 10:26 - 2014-08-25 10:26 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\humm\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-25 09:56 - 2014-08-25 09:56 - 00504644 _____ () C:\Users\humm\Desktop\vrexport.csv
2014-08-24 13:32 - 2014-08-24 13:35 - 00000000 ____D () C:\Users\humm\Downloads\tbc-win32.win32.x86_64-4.1.0.v20121228-2356r
2014-08-24 13:27 - 2014-08-24 13:27 - 00000000 ____D () C:\Users\humm\Downloads\virtuoso-opensource-x64-20140217
2014-08-24 13:26 - 2014-08-24 13:27 - 18697285 _____ () C:\Users\humm\Downloads\virtuoso-opensource-x64-20140217.zip
2014-08-24 13:20 - 2014-08-24 13:27 - 179782726 _____ () C:\Users\humm\Downloads\tbc-win32.win32.x86_64-4.1.0.v20121228-2356r.zip
2014-08-23 11:35 - 2014-08-23 11:35 - 00000000 ____D () C:\Users\humm\.Protege
2014-08-23 11:34 - 2014-08-23 11:44 - 00000000 ____D () C:\Program Files (x86)\Protege_5.0_beta
2014-08-23 11:34 - 2014-08-23 11:35 - 00000000 ____D () C:\Users\humm\Downloads\protege-5.0.0-beta-15
2014-08-23 11:32 - 2014-08-23 11:33 - 15289492 _____ () C:\Users\humm\Downloads\protege-5.0.0-beta-15.zip
2014-08-22 13:03 - 2014-08-22 13:03 - 00002027 _____ () C:\Users\Public\Desktop\NetBeans IDE 8.0.lnk
2014-08-22 13:01 - 2014-08-22 13:06 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-08-22 12:57 - 2014-08-22 12:58 - 219347792 _____ () C:\Users\humm\Downloads\netbeans-8.0-windows.exe
2014-08-22 12:13 - 2014-08-22 12:13 - 00000000 ____D () C:\Users\humm\AppData\Roaming\DL
2014-08-22 12:12 - 2014-08-22 12:46 - 00000000 ____D () C:\Users\humm\.Zettelkasten
2014-08-22 12:11 - 2014-08-22 12:11 - 03120141 _____ () C:\Users\humm\Downloads\Zettelkasten3_windows.zip
2014-08-22 12:11 - 2014-08-22 12:11 - 00000000 ____D () C:\Program Files (x86)\Zettelkasten3_windows
2014-08-22 11:09 - 2014-08-22 11:09 - 00033004 _____ () C:\ComboFix.txt
2014-08-22 10:39 - 2014-08-22 11:09 - 00000000 ____D () C:\Qoobox
2014-08-22 10:39 - 2014-08-22 11:09 - 00000000 ____D () C:\ComboFix
2014-08-22 10:39 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-22 10:39 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-22 10:39 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-22 10:39 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-22 10:39 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-22 10:39 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-22 10:39 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-22 10:38 - 2014-08-22 11:06 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 10:38 - 2014-08-22 10:39 - 00000000 ____D () C:\32788R22FWJFW
2014-08-22 10:37 - 2014-08-22 10:37 - 05572006 ____R (Swearware) C:\Users\humm\Desktop\ComboFix.exe
2014-08-22 10:36 - 2014-08-22 10:37 - 05572006 _____ (Swearware) C:\Users\humm\Downloads\ComboFix.exe
2014-08-20 19:15 - 2014-08-20 19:15 - 00160752 _____ () C:\Users\humm\Downloads\sparql (6)
2014-08-20 19:10 - 2014-08-20 19:10 - 10307800 _____ () C:\Users\humm\Downloads\sparql (5)
2014-08-20 19:08 - 2014-08-20 19:08 - 21135223 _____ () C:\Users\humm\Downloads\sparql (4)
2014-08-20 19:05 - 2014-08-20 19:05 - 00039682 _____ () C:\Users\humm\Downloads\sparql (3)
2014-08-20 18:52 - 2014-08-20 18:53 - 10307800 _____ () C:\Users\humm\Downloads\sparql (2)
2014-08-20 17:32 - 2014-08-20 17:32 - 00018799 _____ () C:\Users\humm\Downloads\sparql (1)
2014-08-20 17:28 - 2014-08-20 17:28 - 00012350 _____ () C:\Users\humm\Downloads\sparql
2014-08-20 09:35 - 2014-08-20 14:21 - 00052137 _____ () C:\Users\humm\Downloads\Addition.txt
2014-08-20 09:34 - 2014-08-25 11:23 - 00030624 _____ () C:\Users\humm\Downloads\FRST.txt
2014-08-20 09:34 - 2014-08-25 11:22 - 00000000 ____D () C:\FRST
2014-08-20 09:33 - 2014-08-25 11:21 - 02103296 _____ (Farbar) C:\Users\humm\Downloads\FRST64.exe
2014-08-19 17:06 - 2014-08-19 17:06 - 00001719 _____ () C:\Users\humm\Downloads\Terminplan_SS14_IHU.ics
2014-08-18 10:11 - 2014-08-18 10:11 - 00001364 _____ () C:\Users\humm\Downloads\cacert.crt
2014-08-17 20:12 - 2014-08-07 03:52 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-17 20:12 - 2014-08-07 03:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 17:08 - 2014-08-07 17:08 - 00000688 _____ () C:\Users\humm\Downloads\TerminExport_140028468tuw133.ics
2014-08-07 13:38 - 2014-08-07 13:38 - 00292880 _____ () C:\Windows\Minidump\080714-30872-01.dmp
2014-08-05 12:04 - 2014-08-05 12:04 - 00003146 _____ () C:\Windows\System32\Tasks\{7316B325-C691-4BA3-A54E-F0B70D944370}
2014-08-05 12:01 - 2014-08-05 12:01 - 00001048 _____ () C:\Users\Public\Desktop\VR-NetWorld.lnk
2014-08-05 11:58 - 2014-08-05 11:59 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\humm\Downloads\VRNetWorldSW_51311.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-25 11:23 - 2014-08-20 09:34 - 00030624 _____ () C:\Users\humm\Downloads\FRST.txt
2014-08-25 11:22 - 2014-08-20 09:34 - 00000000 ____D () C:\FRST
2014-08-25 11:21 - 2014-08-25 11:21 - 00000000 ____D () C:\Users\humm\Downloads\FRST-OlderVersion
2014-08-25 11:21 - 2014-08-20 09:33 - 02103296 _____ (Farbar) C:\Users\humm\Downloads\FRST64.exe
2014-08-25 11:19 - 2014-08-25 11:19 - 00000755 _____ () C:\Users\humm\Desktop\JRT.txt
2014-08-25 11:18 - 2011-11-25 16:09 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014UA.job
2014-08-25 11:12 - 2014-08-25 11:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 11:11 - 2014-08-25 11:11 - 01016261 _____ (Thisisu) C:\Users\humm\Downloads\JRT.exe
2014-08-25 11:10 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-25 11:10 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-25 11:07 - 2014-08-25 11:07 - 00001932 _____ () C:\Users\humm\Desktop\AdwCleaner[S2].txt
2014-08-25 11:07 - 2010-04-05 05:22 - 01512788 _____ () C:\Windows\WindowsUpdate.log
2014-08-25 11:04 - 2011-02-07 13:26 - 00000000 ___RD () C:\Users\humm\Dropbox
2014-08-25 11:04 - 2011-02-07 13:24 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Dropbox
2014-08-25 11:02 - 2013-09-09 14:32 - 00012500 _____ () C:\Windows\PFRO.log
2014-08-25 11:02 - 2013-07-03 07:27 - 00024043 _____ () C:\Windows\setupact.log
2014-08-25 11:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-25 11:00 - 2014-07-07 13:41 - 00000000 ____D () C:\AdwCleaner
2014-08-25 10:53 - 2014-08-25 10:53 - 01364531 _____ () C:\Users\humm\Downloads\adwcleaner_3.308.exe
2014-08-25 10:52 - 2014-08-25 10:52 - 00001140 _____ () C:\Users\humm\Desktop\mbam.txt
2014-08-25 10:30 - 2014-07-18 19:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 10:29 - 2014-08-25 10:29 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-25 10:29 - 2014-07-18 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-25 10:29 - 2014-07-18 19:02 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-25 10:26 - 2014-08-25 10:26 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\humm\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-25 09:58 - 2010-04-28 17:38 - 00000000 ____D () C:\Users\Public\Documents\VR-NetWorld
2014-08-25 09:58 - 2009-07-14 12:57 - 00727876 _____ () C:\Windows\system32\perfh007.dat
2014-08-25 09:58 - 2009-07-14 12:57 - 00157592 _____ () C:\Windows\system32\perfc007.dat
2014-08-25 09:58 - 2009-07-14 07:13 - 01699050 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-25 09:56 - 2014-08-25 09:56 - 00504644 _____ () C:\Users\humm\Desktop\vrexport.csv
2014-08-25 09:37 - 2011-11-25 16:09 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014Core.job
2014-08-24 13:36 - 2011-02-28 16:48 - 00000000 ____D () C:\Users\humm\AppData\Roaming\TopQuadrant
2014-08-24 13:35 - 2014-08-24 13:32 - 00000000 ____D () C:\Users\humm\Downloads\tbc-win32.win32.x86_64-4.1.0.v20121228-2356r
2014-08-24 13:27 - 2014-08-24 13:27 - 00000000 ____D () C:\Users\humm\Downloads\virtuoso-opensource-x64-20140217
2014-08-24 13:27 - 2014-08-24 13:26 - 18697285 _____ () C:\Users\humm\Downloads\virtuoso-opensource-x64-20140217.zip
2014-08-24 13:27 - 2014-08-24 13:20 - 179782726 _____ () C:\Users\humm\Downloads\tbc-win32.win32.x86_64-4.1.0.v20121228-2356r.zip
2014-08-23 11:44 - 2014-08-23 11:34 - 00000000 ____D () C:\Program Files (x86)\Protege_5.0_beta
2014-08-23 11:35 - 2014-08-23 11:35 - 00000000 ____D () C:\Users\humm\.Protege
2014-08-23 11:35 - 2014-08-23 11:34 - 00000000 ____D () C:\Users\humm\Downloads\protege-5.0.0-beta-15
2014-08-23 11:35 - 2010-04-05 13:06 - 00000000 ____D () C:\Users\humm
2014-08-23 11:33 - 2014-08-23 11:32 - 15289492 _____ () C:\Users\humm\Downloads\protege-5.0.0-beta-15.zip
2014-08-22 16:51 - 2010-04-06 18:28 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Skype
2014-08-22 16:51 - 2010-04-05 22:48 - 00000000 ____D () C:\Users\humm\.freemind
2014-08-22 14:03 - 2010-04-05 14:35 - 00000000 ____D () C:\Users\humm\.nbi
2014-08-22 13:53 - 2012-09-05 11:58 - 00000000 ____D () C:\Users\humm\AppData\Roaming\NetBeans
2014-08-22 13:53 - 2012-09-05 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-08-22 13:06 - 2014-08-22 13:01 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-08-22 13:03 - 2014-08-22 13:03 - 00002027 _____ () C:\Users\Public\Desktop\NetBeans IDE 8.0.lnk
2014-08-22 12:58 - 2014-08-22 12:57 - 219347792 _____ () C:\Users\humm\Downloads\netbeans-8.0-windows.exe
2014-08-22 12:50 - 2012-10-23 10:23 - 00000000 ____D () C:\Program Files (x86)\eclipse
2014-08-22 12:50 - 2010-12-01 21:54 - 00000000 ____D () C:\Users\humm\AppData\Local\Eclipse
2014-08-22 12:46 - 2014-08-22 12:12 - 00000000 ____D () C:\Users\humm\.Zettelkasten
2014-08-22 12:13 - 2014-08-22 12:13 - 00000000 ____D () C:\Users\humm\AppData\Roaming\DL
2014-08-22 12:11 - 2014-08-22 12:11 - 03120141 _____ () C:\Users\humm\Downloads\Zettelkasten3_windows.zip
2014-08-22 12:11 - 2014-08-22 12:11 - 00000000 ____D () C:\Program Files (x86)\Zettelkasten3_windows
2014-08-22 11:22 - 2014-07-23 19:38 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Nico Mak Computing
2014-08-22 11:19 - 2010-04-05 16:03 - 00000000 ____D () C:\Users\humm\AppData\Local\TSVNCache
2014-08-22 11:09 - 2014-08-22 11:09 - 00033004 _____ () C:\ComboFix.txt
2014-08-22 11:09 - 2014-08-22 10:39 - 00000000 ____D () C:\Qoobox
2014-08-22 11:09 - 2014-08-22 10:39 - 00000000 ____D () C:\ComboFix
2014-08-22 11:09 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-22 11:06 - 2014-08-22 10:38 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 11:01 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-22 10:58 - 2009-07-14 04:34 - 93847552 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-08-22 10:58 - 2009-07-14 04:34 - 26738688 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-08-22 10:58 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-08-22 10:58 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-08-22 10:58 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-08-22 10:39 - 2014-08-22 10:38 - 00000000 ____D () C:\32788R22FWJFW
2014-08-22 10:37 - 2014-08-22 10:37 - 05572006 ____R (Swearware) C:\Users\humm\Desktop\ComboFix.exe
2014-08-22 10:37 - 2014-08-22 10:36 - 05572006 _____ (Swearware) C:\Users\humm\Downloads\ComboFix.exe
2014-08-20 19:15 - 2014-08-20 19:15 - 00160752 _____ () C:\Users\humm\Downloads\sparql (6)
2014-08-20 19:10 - 2014-08-20 19:10 - 10307800 _____ () C:\Users\humm\Downloads\sparql (5)
2014-08-20 19:08 - 2014-08-20 19:08 - 21135223 _____ () C:\Users\humm\Downloads\sparql (4)
2014-08-20 19:05 - 2014-08-20 19:05 - 00039682 _____ () C:\Users\humm\Downloads\sparql (3)
2014-08-20 18:53 - 2014-08-20 18:52 - 10307800 _____ () C:\Users\humm\Downloads\sparql (2)
2014-08-20 17:32 - 2014-08-20 17:32 - 00018799 _____ () C:\Users\humm\Downloads\sparql (1)
2014-08-20 17:28 - 2014-08-20 17:28 - 00012350 _____ () C:\Users\humm\Downloads\sparql
2014-08-20 15:02 - 2012-04-05 13:04 - 00000000 ____D () C:\Temp
2014-08-20 15:02 - 2011-03-22 15:04 - 00000000 ____D () C:\Program Files (x86)\OntoStudio-3.0.3-B893
2014-08-20 14:21 - 2014-08-20 09:35 - 00052137 _____ () C:\Users\humm\Downloads\Addition.txt
2014-08-19 17:06 - 2014-08-19 17:06 - 00001719 _____ () C:\Users\humm\Downloads\Terminplan_SS14_IHU.ics
2014-08-18 15:44 - 2010-04-06 18:27 - 00000000 ____D () C:\ProgramData\Skype
2014-08-18 13:09 - 2014-07-23 20:04 - 00009902 _____ () C:\Users\humm\Desktop\log.xml
2014-08-18 12:22 - 2010-03-04 18:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-18 12:21 - 2013-08-07 19:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-18 12:16 - 2010-03-04 09:52 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-18 12:14 - 2014-07-09 19:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-18 10:11 - 2014-08-18 10:11 - 00001364 _____ () C:\Users\humm\Downloads\cacert.crt
2014-08-17 20:00 - 2014-05-27 10:14 - 00001026 _____ () C:\Users\humm\Desktop\Dropbox.lnk
2014-08-17 20:00 - 2011-02-07 13:24 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-07 17:08 - 2014-08-07 17:08 - 00000688 _____ () C:\Users\humm\Downloads\TerminExport_140028468tuw133.ics
2014-08-07 13:38 - 2014-08-07 13:38 - 00292880 _____ () C:\Windows\Minidump\080714-30872-01.dmp
2014-08-07 13:38 - 2010-10-27 15:33 - 00000000 ____D () C:\Windows\Minidump
2014-08-07 03:52 - 2014-08-17 20:12 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:46 - 2014-08-17 20:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 12:04 - 2014-08-05 12:04 - 00003146 _____ () C:\Windows\System32\Tasks\{7316B325-C691-4BA3-A54E-F0B70D944370}
2014-08-05 12:02 - 2010-04-28 17:38 - 00000000 ____D () C:\Program Files (x86)\VR-NetWorld
2014-08-05 12:01 - 2014-08-05 12:01 - 00001048 _____ () C:\Users\Public\Desktop\VR-NetWorld.lnk
2014-08-05 11:59 - 2014-08-05 11:58 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\humm\Downloads\VRNetWorldSW_51311.exe
2014-08-05 09:20 - 2010-03-04 09:42 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 22:23 - 2013-08-14 15:46 - 00000000 _____ () C:\Windows\system32\vireng.log
Some content of TEMP:
====================
C:\Users\humm\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptxlyue.dll
C:\Users\humm\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03
Ran by humm at 2014-08-25 11:23:33
Running from C:\Users\humm\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Sophos Anti-Virus (Disabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Anti-Virus (Disabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.10 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0910-000001000000}) (Version: 9.10.00.0 - Igor Pavlov)
Acronis*True*Image*Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.6053 - Acronis)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Allegro CL 9.0 Free Express Edition Express (HKLM-x32\...\Allegro CL 9.0 Free Express Edition Express) (Version: - )
ASUS U3100MINI PLUS V2 (HKLM-x32\...\TVRTLDrv) (Version: - )
ATMinInstall64 (Version: 7.10.0.1129 - AuthenTec) Hidden
AutoHotkey 1.1.03.00 (HKLM-x32\...\AutoHotkey) (Version: 1.1.03.00 - AutoHotkey Community)
BioAPI Framework (Version: 1.0.1 - Dell Inc.) Hidden
Brother HL-3040CN (HKLM-x32\...\{6F7A1B18-5EB3-4827-8644-19BD1277B9B8}) (Version: 1.00 - Brother)
BS64MMWrapper (Version: 1.6.453.66 - Broadcom Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.7.1893 - CDBurnerXP)
Cisco WebEx Meeting Center für Firefox oder Chrome (HKLM-x32\...\{50B62367-6210-45E4-AA1E-A0532926E429}) (Version: 8.29.3201 - Cisco WebEx LLC)
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citavi (HKLM-x32\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.1.15.0 - Swiss Academic Software)
Citrix Presentation Server Client - Web Only (HKLM-x32\...\{C49067A8-8212-4A82-A4D9-1519701644F0}) (Version: 10.100.55836 - Citrix Systems, Inc.)
DCP64MMWrapper (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
Dell Control Point 64 (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Dell ControlPoint Connection Manager 64 (HKLM\...\{CE964618-AED2-4304-AC75-2EF8D0B47ECC}) (Version: 1.4.0 - Ihr Firmenname)
Dell ControlPoint Security Manager (HKLM-x32\...\{F4487649-7368-4217-AEA3-1E04DB3E2C5C}) (Version: 1.6.453.66 - Dell Inc.)
Dell ControlPoint System Manager (HKLM\...\{87EBE6AA-E4AA-4F3B-975C-72575C660BE7}) (Version: 1.4.00000 - Dell Inc.)
Dell ControlVault Host Components Installer 64Bit (Version: 1.7.450.290 - Broadcom Corporation) Hidden
Dell Embassy Trust Suite by Wave Systems (Version: 02.05.00.058 - Wave Systems Corp) Hidden
Dell Security Device Driver Pack (HKLM-x32\...\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}) (Version: 1.4.050 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.102.101.230 - ALPS ELECTRIC CO., LTD.)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen)
EMBASSY Security Center Lite (Version: 04.01.00.029 - Ihr Firmenname) Hidden
EMBASSY Security Center Lite (x32 Version: - ) Hidden
EMBASSY Security Setup (Version: 04.01.00.028 - Ihr Firmenname) Hidden
EMBASSY Security Setup (x32 Version: - ) Hidden
ESC Home Page Plugin (Version: 04.01.00.004 - Ihr Firmenname) Hidden
ESC Home Page Plugin (x32 Version: - ) Hidden
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.2.6 - Telerik)
FileZilla Client 3.3.2 (HKLM-x32\...\FileZilla Client) (Version: 3.3.2 - )
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Gemalto (Version: 01.64.00.0010 - Wave Systems Corp) Hidden
Ghost Control 3.0.6 (HKLM-x32\...\Ghost Control_is1) (Version: - N.R.S.)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4286E640-B5FB-11DF-AC4B-005056C00008}) (Version: 5.2.1.1588 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript 8.71 (HKLM-x32\...\GPL Ghostscript 8.71) (Version: - )
Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB944899) (Version: 1 - Microsoft Corporation)
Integrated Webcam Driver (1.03.02.0919) (HKLM\...\Creative OA001) (Version: - )
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.1 - Intel)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418000FF}) (Version: 8.0.0 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.00.129 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
Java(TM) 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.350 - Oracle)
Java(TM) SE Development Kit 6 Update 26 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160260}) (Version: 1.6.0.260 - Oracle)
Java(TM) SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
JavaFX(TM) 1.2 SDK (HKLM-x32\...\{5aa47dba-b584-4d47-a626-76e53f010203}) (Version: 1.2.3 - Sun Microsystems, Inc.)
JetBrains PyCharm 2.7.3 (HKLM-x32\...\PyCharm 2.7.3) (Version: 129.782 - JetBrains s.r.o.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MCE Software Encoder 1.1 (HKLM-x32\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.2323 - CyberLink Corporation)
Media Player Classic - Home Cinema v. 1.3.1249.0 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: - ) <==== ATTENTION
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Standard 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Visio MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Project Standard 2010 (HKLM-x32\...\Office14.PRJSTD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu (HKLM\...\{DE2C9D5F-C55C-30E8-9322-2B8E8B5DF87C}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
MiKTeX 2.8 (HKLM-x32\...\MiKTeX 2.8) (Version: 2.8 - MiKTeX.org)
Mindjet MindManager Viewer 7 (HKLM-x32\...\{8E55813F-2FA3-47E8-9AF9-31DC0B4AE3ED}) (Version: 7.1.394 - Mindjet LLC)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Server 5.1 (HKLM\...\{DE35700E-4D3C-41A5-8BF0-44A5FDE4A6C5}) (Version: 5.1.59 - MySQL AB)
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.6 - )
NTRU TCG Software Stack (Version: 2.1.29 - NTRU Cryptosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.54.32 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\nView Desktop Manager) (Version: - )
OpenOffice.org 3.2 (HKLM-x32\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.212.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Preboot Manager (Version: 03.01.00.036 - Wave Systems Corp.) Hidden
Python 3.3.2 (64-bit) (HKLM\...\{9fa9a2a6-19e4-381a-8af3-f8cf12f0dcf0}) (Version: 3.3.2150 - Python Software Foundation)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Schriftart Hochschule Darmstadt (HKLM-x32\...\{F269C6FD-4675-40D5-85C1-27D5DB39B4CC}) (Version: 1.0 - Default Manufacturer)
Service Pack 1 für SQL Server 2008 (KB 968369) (HKLM-x32\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Slik Subversion 1.8.5 (x64) (HKLM\...\{F69D8404-BCB7-43E4-ACA5-B5D26A2A7C53}) (Version: 1.8.5.0 - SlikSvn & The SharpSvn Project)
SO64MMWrapper (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.1.18 - Sophos Limited)
Sql Server Customer Experience Improvement Program (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
StarUML 5.0.2.1570 (HKLM-x32\...\StarUML_is1) (Version: - Plastic Software, Inc.)
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.1.10408 - TeamViewer GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
TeXnicCenter Version 1.0 Stable RC1 (HKLM-x32\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
tools-linux (x32 Version: 9.2.3.1031769 - VMware, Inc.) Hidden
TortoiseSVN 1.8.4.24972 (64 bit) (HKLM\...\{A2EFDE01-96B3-4E55-8834-81617ED6BCBE}) (Version: 1.8.24972 - TortoiseSVN)
TreeSize Free V2.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.5 - JAM Software)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1 - TrueCrypt Foundation)
Trusted Drive Manager (Version: 3.3.0.396 - Wave Systems Corp.) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM-x32\...\{877B3198-1C6B-4A9A-8D28-BE4F6040987F}) (Version: 10.1.2531.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJSTD_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJSTD_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJSTD_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
UPEK TouchChip Fingerprint Reader (Version: 1.2.0 - Dell Inc.) Hidden
UTAX TA Product Library (HKLM\...\UTAX TA Product Library) (Version: 2.0.0713 - Kyocera Mita Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.2 - VMware, Inc)
VMware Player (Version: 5.0.2 - VMware, Inc.) Hidden
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version: - )
Wave Infrastructure Installer (Version: 07.65.19.0000 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.11.00.033 - Ihr Firmenname) Hidden
Wave Support Software (x32 Version: - ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live ID-Anmelde-Assistent (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
WordNet 2.1 (HKLM-x32\...\{58582B88-0260-4C80-9A89-8CA0923AFD26}) (Version: 2.1 - Princeton University Cognitive Science Laboratory)
XAMPP 1.8.1 (HKLM-x32\...\xampp) (Version: - )
XMind 2013 (v3.4.0) (HKLM-x32\...\XMind_is1) (Version: 3.4.0.201311050558 - XMind Ltd.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-08-22 11:00 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1E34E4DC-A454-49A1-B3E1-1E637A3474EA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014UA => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25] (Google Inc.)
Task: {5B58430D-2312-481C-A0F1-F226F66EA39A} - System32\Tasks\{DFFDEF7C-2F48-44F9-A85A-1FE5BACC5739} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {814EF0A8-9A18-43A6-A97C-488EFC174306} - System32\Tasks\{090F2998-D097-4CD3-8A97-C89AE5E59AB6} => E:\DELL-Install\2-Diverses\03-CD-Burner\CD Burner XP 4.2.7.1801.exe
Task: {95A41ECC-313A-4987-B4A7-F7639DF8D847} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {CCDA4829-88A0-4922-B351-398B587DADB1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014Core => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25] (Google Inc.)
Task: {FEEA4BB5-EC4C-4F7C-B062-03D9D568AE84} - System32\Tasks\{F4C90DB0-FA16-49E5-B41C-2C1B077F9F21} => E:\setup.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014Core.job => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014UA.job => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2009-09-21 16:04 - 2009-09-21 16:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-04-20 17:13 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2009-11-15 20:31 - 2009-11-15 20:31 - 00050688 _____ () C:\Program Files\VPN Client\dtpd.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00026624 _____ () C:\Program Files\VPN Client\libidb.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00013312 _____ () C:\Program Files\VPN Client\liblog.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00017920 _____ () C:\Program Files\VPN Client\libith.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00119296 _____ () C:\Program Files\VPN Client\libip.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034816 _____ () C:\Program Files\VPN Client\libvflt.dll
2009-11-15 20:25 - 2009-11-15 20:25 - 00019456 _____ () C:\Program Files\VPN Client\libdtp.dll
2009-11-15 20:28 - 2009-11-15 20:28 - 00948224 _____ () C:\Program Files\VPN Client\iked.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00030720 _____ () C:\Program Files\VPN Client\libpfk.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034304 _____ () C:\Program Files\VPN Client\libvnet.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00028160 _____ () C:\Program Files\VPN Client\libike.dll
2009-11-15 20:26 - 2009-11-15 20:26 - 00690688 _____ () C:\Program Files\VPN Client\ipsecd.exe
2010-03-04 10:12 - 2009-11-12 14:48 - 00071096 _____ () C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2009-11-13 09:32 - 2009-11-13 09:32 - 00013824 _____ () C:\Windows\system32\Wavx_ESC_Logging.dll
2008-11-12 14:29 - 2008-11-12 14:29 - 00004608 _____ () C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_DEU.dll
2013-11-24 14:36 - 2013-11-24 14:36 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2013-11-24 14:37 - 2013-11-24 14:37 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2009-12-22 12:21 - 2009-12-22 12:21 - 00128512 _____ () C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMBIOSController.dll
2014-08-25 11:04 - 2014-08-25 11:04 - 00043008 _____ () c:\users\humm\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptxlyue.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\humm\AppData\Roaming\Dropbox\bin\libcef.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2010-10-25 15:13 - 2010-10-25 15:13 - 02893216 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2010-10-25 15:15 - 2010-10-25 15:15 - 01445888 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2013-11-24 13:48 - 2013-11-24 13:48 - 00065264 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2013-11-24 13:48 - 2013-11-24 13:48 - 00071408 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2009-09-14 02:06 - 2009-09-14 02:06 - 00204800 _____ () C:\Program Files (x86)\Notepad++\plugins\ComparePlugin.dll
2008-09-06 14:51 - 2008-09-06 14:51 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2007-08-05 03:10 - 2007-08-05 03:10 - 00250368 _____ () C:\Program Files (x86)\Notepad++\plugins\Config\tidy\libTidy.dll
2010-02-21 18:33 - 2010-02-21 18:33 - 00094208 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 00718152 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 00126280 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 08537928 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 00353096 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 01732936 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TdmNotify.lnk => C:\Windows\pss\TdmNotify.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\Windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VR-NetWorld Auftragsprüfung.lnk => C:\Windows\pss\VR-NetWorld Auftragsprüfung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^humm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BrStsWnd => C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_Plugin.exe -update plugin
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files (x86)\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: Ghost Control => "C:\Program Files (x86)\Ghost Control\ghost.exe" -startup
MSCONFIG\startupreg: Google Update => "C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: VMware hqtray => "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
==================== Faulty Device Manager Devices =============
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (02/24/2014 02:19:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 12741 seconds with 960 seconds of active time. This session ended with a crash.
|
|
25.08.2014, 20:22
| #8 |
| /// the machine /// TB-Ausbilder | Windows 7: CPU Auslastung 100%ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.08.2014, 15:54
| #9 |
| | Windows 7: CPU Auslastung 100% Vielen Dank! Die Probleme sind in den letzten Tagen nicht mehr aufgetreten :-) Bleibt natürlich die Frage, was das Problem verursacht hat und wie ich es in Zukunft vermeiden kann. Anbei die Logs. Dazu zwei Anmerkungen: - Beim ersten Lauf von Eset bekam ich nach ca. 5 Min. einen Blue Screen Ich habe dann neu gestartet - Eset ist ca. 5 h gelaufen und hat im Fenster 10 Bedrohungen angezeigt. Diese sind aber in der Log-Datei nicht aufgeführt. EsetOnlineScanner\log.txt Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
Code:
ATTFilter Results of screen317's Security Check version 0.99.87
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Sophos Anti-Virus
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 60
Java(TM) 6 Update 35
JavaFX(TM) 1.2 SDK
Java version out of Date!
Adobe Flash Player 13.0.0.214 Flash Player out of Date!
Mozilla Firefox (Meeting.)
Google Chrome 36.0.1985.125
Google Chrome 36.0.1985.143
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03
Ran by humm (administrator) on H_DA-NB-HUMM on 26-08-2014 16:43:16
Running from C:\Users\humm\Downloads
Platform: Windows 7 Professional (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\stacsv64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
() C:\Program Files\VPN Client\dtpd.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\VPN Client\iked.exe
() C:\Program Files\VPN Client\ipsecd.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
(Broadcom Corporation) C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Dropbox, Inc.) C:\Users\humm\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\PanelHelper32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\MSTORDB.EXE
(Google Inc.) C:\Users\humm\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Users\humm\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DellControlPoint] => C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [657920 2009-11-02] (Dell Inc.)
HKLM\...\Run: [USCService] => C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [34232 2010-01-05] (Broadcom Corporation)
HKLM\...\Run: [DellConnectionManager] => C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe [1845248 2009-12-22] (Smith Micro Software, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [342528 2009-06-19] (Alps Electric Co., Ltd.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-09] (IDT, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-02-07] (Oracle Corporation)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-21] (Sophos Limited)
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-21] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-21] (Sophos Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell ControlPoint System Manager.lnk
ShortcutTarget: Dell ControlPoint System Manager.lnk -> C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe (Dell Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Program Files (x86)\VR-NetWorld\VRToolCheckOrder.exe (VR-NetWorld Software)
Startup: C:\Users\humm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\humm\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\humm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OUTLOOK.EXE - Verknüpfung.lnk
ShortcutTarget: OUTLOOK.EXE - Verknüpfung.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: EnabledUnlockedFDEIconOverlay -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: UninitializedFdeIconOverlay -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFB835D73C2E7CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{47A1BE09-EF11-4E1C-A8C5-DACC25BC3447}: [NameServer] 141.100.10.110,141.100.10.111
FireFox:
========
FF ProfilePath: C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.fbi.h-da.de/organisation/personen/humm-bernhard.html
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.0.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.0.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=1.0.5 -> C:\Program Files (x86)\VLC-Player\npvlc.dll (the VideoLAN Team)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\humm\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\humm\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\humm\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\humm\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ScrapBook - C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2013-11-23]
FF Extension: Adblock Plus - C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-03-24]
FF Extension: QuickJava - C:\Users\humm\AppData\Roaming\Mozilla\Firefox\Profiles\0yhqvda4.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-06-15]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-04-11]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-02-23]
Chrome:
=======
CHR HomePage: hxxp://www.fbi.h-da.de/organisation/personen/humm-bernhard.html
CHR Plugin: (Shockwave Flash) - C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VLC-Player\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\humm\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-04]
CHR Extension: (Google-Suche) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-04]
CHR Extension: (SearchBar) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjefgkhmchopegjeicnblodnidbammed [2014-08-20]
CHR Extension: (AdBlock) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-07]
CHR Extension: (NetBeans Connector) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2014-08-22]
CHR Extension: (Google Wallet) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Google Mail) - C:\Users\humm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-04]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 dcpsysmgrsvc; C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [515872 2009-12-10] (Dell Inc.)
R2 dtpd; C:\Program Files\VPN Client\dtpd.exe [50688 2009-11-15] () [File not signed]
R2 iked; C:\Program Files\VPN Client\iked.exe [948224 2009-11-15] () [File not signed]
R2 ipsecd; C:\Program Files\VPN Client\ipsecd.exe [690688 2009-11-15] () [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S4 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\my.ini [8914 2012-03-26] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2009-11-12] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-21] (Sophos Limited)
S2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-21] (Sophos Limited)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1558016 2009-11-18] (Wave Systems Corp.) [File not signed]
R2 SMManager; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [77312 2009-12-22] (Smith Micro Software, Inc.) [File not signed]
S2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-21] (Sophos Limited)
S2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-21] (Sophos Limited)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe [244736 2010-03-09] (IDT, Inc.)
S2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-21] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-05-21] (Sophos Limited)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1273856 2008-11-12] () [File not signed]
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
S2 SAVCleanupService; "SAVCleanupService.exe" [X]
S2 Tomcat7; c:\xampp\tomcat\bin\tomcat7.exe //RS//Tomcat7 [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASUSVRC64; C:\Windows\System32\DRIVERS\AsusVRC64.sys [23424 2008-10-13] (ASUSTeK COMPUTER INC.)
R2 BrPar; C:\Windows\System32\drivers\BrPar64a.sys [30528 2006-11-06] (Brother Industries Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-25] (Malwarebytes Corporation)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-21] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-05-21] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-05-21] (Sophos Limited)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] () [File not signed]
S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-05-19] ()
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2010-03-05] (Acronis)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-02-26] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NvtSp50; System32\Drivers\NvtSp50.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-26 16:38 - 2014-08-26 16:38 - 00854417 _____ () C:\Users\humm\Downloads\SecurityCheck.exe
2014-08-26 12:52 - 2014-08-26 12:53 - 00292880 _____ () C:\Windows\Minidump\082614-24258-01.dmp
2014-08-26 12:52 - 2014-08-26 12:52 - 870865041 _____ () C:\Windows\MEMORY.DMP
2014-08-26 12:45 - 2014-08-26 12:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-26 12:44 - 2014-08-26 12:44 - 02347384 _____ (ESET) C:\Users\humm\Downloads\esetsmartinstaller_deu.exe
2014-08-25 11:27 - 2014-08-25 11:23 - 00047642 _____ () C:\Users\humm\Desktop\FRST.txt
2014-08-25 11:27 - 2014-08-25 11:23 - 00045587 _____ () C:\Users\humm\Desktop\Addition.txt
2014-08-25 11:21 - 2014-08-25 11:21 - 00000000 ____D () C:\Users\humm\Downloads\FRST-OlderVersion
2014-08-25 11:19 - 2014-08-25 11:19 - 00000755 _____ () C:\Users\humm\Desktop\JRT.txt
2014-08-25 11:12 - 2014-08-25 11:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 11:11 - 2014-08-25 11:11 - 01016261 _____ (Thisisu) C:\Users\humm\Downloads\JRT.exe
2014-08-25 11:07 - 2014-08-25 11:07 - 00001932 _____ () C:\Users\humm\Desktop\AdwCleaner[S2].txt
2014-08-25 10:53 - 2014-08-25 10:53 - 01364531 _____ () C:\Users\humm\Downloads\adwcleaner_3.308.exe
2014-08-25 10:52 - 2014-08-25 10:52 - 00001140 _____ () C:\Users\humm\Desktop\mbam.txt
2014-08-25 10:29 - 2014-08-25 10:29 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-25 10:26 - 2014-08-25 10:26 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\humm\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-25 09:56 - 2014-08-25 09:56 - 00504644 _____ () C:\Users\humm\Desktop\vrexport.csv
2014-08-24 13:32 - 2014-08-24 13:35 - 00000000 ____D () C:\Users\humm\Downloads\tbc-win32.win32.x86_64-4.1.0.v20121228-2356r
2014-08-24 13:27 - 2014-08-24 13:27 - 00000000 ____D () C:\Users\humm\Downloads\virtuoso-opensource-x64-20140217
2014-08-24 13:26 - 2014-08-24 13:27 - 18697285 _____ () C:\Users\humm\Downloads\virtuoso-opensource-x64-20140217.zip
2014-08-24 13:20 - 2014-08-24 13:27 - 179782726 _____ () C:\Users\humm\Downloads\tbc-win32.win32.x86_64-4.1.0.v20121228-2356r.zip
2014-08-23 11:35 - 2014-08-23 11:35 - 00000000 ____D () C:\Users\humm\.Protege
2014-08-23 11:34 - 2014-08-23 11:44 - 00000000 ____D () C:\Program Files (x86)\Protege_5.0_beta
2014-08-23 11:34 - 2014-08-23 11:35 - 00000000 ____D () C:\Users\humm\Downloads\protege-5.0.0-beta-15
2014-08-23 11:32 - 2014-08-23 11:33 - 15289492 _____ () C:\Users\humm\Downloads\protege-5.0.0-beta-15.zip
2014-08-22 13:03 - 2014-08-22 13:03 - 00002027 _____ () C:\Users\Public\Desktop\NetBeans IDE 8.0.lnk
2014-08-22 13:01 - 2014-08-22 13:06 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-08-22 12:57 - 2014-08-22 12:58 - 219347792 _____ () C:\Users\humm\Downloads\netbeans-8.0-windows.exe
2014-08-22 12:13 - 2014-08-22 12:13 - 00000000 ____D () C:\Users\humm\AppData\Roaming\DL
2014-08-22 12:12 - 2014-08-22 12:46 - 00000000 ____D () C:\Users\humm\.Zettelkasten
2014-08-22 12:11 - 2014-08-22 12:11 - 03120141 _____ () C:\Users\humm\Downloads\Zettelkasten3_windows.zip
2014-08-22 12:11 - 2014-08-22 12:11 - 00000000 ____D () C:\Program Files (x86)\Zettelkasten3_windows
2014-08-22 11:09 - 2014-08-22 11:09 - 00033004 _____ () C:\ComboFix.txt
2014-08-22 10:39 - 2014-08-22 11:09 - 00000000 ____D () C:\Qoobox
2014-08-22 10:39 - 2014-08-22 11:09 - 00000000 ____D () C:\ComboFix
2014-08-22 10:39 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-22 10:39 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-22 10:39 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-22 10:39 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-22 10:39 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-22 10:39 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-22 10:39 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-22 10:38 - 2014-08-22 11:06 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 10:38 - 2014-08-22 10:39 - 00000000 ____D () C:\32788R22FWJFW
2014-08-22 10:37 - 2014-08-22 10:37 - 05572006 ____R (Swearware) C:\Users\humm\Desktop\ComboFix.exe
2014-08-22 10:36 - 2014-08-22 10:37 - 05572006 _____ (Swearware) C:\Users\humm\Downloads\ComboFix.exe
2014-08-20 19:15 - 2014-08-20 19:15 - 00160752 _____ () C:\Users\humm\Downloads\sparql (6)
2014-08-20 19:10 - 2014-08-20 19:10 - 10307800 _____ () C:\Users\humm\Downloads\sparql (5)
2014-08-20 19:08 - 2014-08-20 19:08 - 21135223 _____ () C:\Users\humm\Downloads\sparql (4)
2014-08-20 19:05 - 2014-08-20 19:05 - 00039682 _____ () C:\Users\humm\Downloads\sparql (3)
2014-08-20 18:52 - 2014-08-20 18:53 - 10307800 _____ () C:\Users\humm\Downloads\sparql (2)
2014-08-20 17:32 - 2014-08-20 17:32 - 00018799 _____ () C:\Users\humm\Downloads\sparql (1)
2014-08-20 17:28 - 2014-08-20 17:28 - 00012350 _____ () C:\Users\humm\Downloads\sparql
2014-08-20 09:35 - 2014-08-25 11:28 - 00045587 _____ () C:\Users\humm\Downloads\Addition.txt
2014-08-20 09:34 - 2014-08-26 16:43 - 00031228 _____ () C:\Users\humm\Downloads\FRST.txt
2014-08-20 09:34 - 2014-08-26 16:43 - 00000000 ____D () C:\FRST
2014-08-20 09:33 - 2014-08-25 11:21 - 02103296 _____ (Farbar) C:\Users\humm\Downloads\FRST64.exe
2014-08-19 17:06 - 2014-08-19 17:06 - 00001719 _____ () C:\Users\humm\Downloads\Terminplan_SS14_IHU.ics
2014-08-18 10:11 - 2014-08-18 10:11 - 00001364 _____ () C:\Users\humm\Downloads\cacert.crt
2014-08-17 20:12 - 2014-08-07 03:52 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-17 20:12 - 2014-08-07 03:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 17:08 - 2014-08-07 17:08 - 00000688 _____ () C:\Users\humm\Downloads\TerminExport_140028468tuw133.ics
2014-08-07 13:38 - 2014-08-07 13:38 - 00292880 _____ () C:\Windows\Minidump\080714-30872-01.dmp
2014-08-05 12:04 - 2014-08-05 12:04 - 00003146 _____ () C:\Windows\System32\Tasks\{7316B325-C691-4BA3-A54E-F0B70D944370}
2014-08-05 12:01 - 2014-08-05 12:01 - 00001048 _____ () C:\Users\Public\Desktop\VR-NetWorld.lnk
2014-08-05 11:58 - 2014-08-05 11:59 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\humm\Downloads\VRNetWorldSW_51311.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-26 16:43 - 2014-08-20 09:34 - 00031228 _____ () C:\Users\humm\Downloads\FRST.txt
2014-08-26 16:43 - 2014-08-20 09:34 - 00000000 ____D () C:\FRST
2014-08-26 16:38 - 2014-08-26 16:38 - 00854417 _____ () C:\Users\humm\Downloads\SecurityCheck.exe
2014-08-26 16:18 - 2011-11-25 16:09 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014UA.job
2014-08-26 15:33 - 2010-04-05 22:48 - 00000000 ____D () C:\Users\humm\.freemind
2014-08-26 13:01 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-26 13:01 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-26 12:57 - 2010-04-05 05:22 - 01552296 _____ () C:\Windows\WindowsUpdate.log
2014-08-26 12:55 - 2011-02-07 13:26 - 00000000 ___RD () C:\Users\humm\Dropbox
2014-08-26 12:55 - 2011-02-07 13:24 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Dropbox
2014-08-26 12:53 - 2014-08-26 12:52 - 00292880 _____ () C:\Windows\Minidump\082614-24258-01.dmp
2014-08-26 12:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-26 12:52 - 2014-08-26 12:52 - 870865041 _____ () C:\Windows\MEMORY.DMP
2014-08-26 12:52 - 2013-07-03 07:27 - 00024155 _____ () C:\Windows\setupact.log
2014-08-26 12:52 - 2010-10-27 15:33 - 00000000 ____D () C:\Windows\Minidump
2014-08-26 12:45 - 2014-08-26 12:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-26 12:44 - 2014-08-26 12:44 - 02347384 _____ (ESET) C:\Users\humm\Downloads\esetsmartinstaller_deu.exe
2014-08-26 12:35 - 2009-07-14 12:57 - 00727876 _____ () C:\Windows\system32\perfh007.dat
2014-08-26 12:35 - 2009-07-14 12:57 - 00157592 _____ () C:\Windows\system32\perfc007.dat
2014-08-26 12:35 - 2009-07-14 07:13 - 01699050 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-26 12:21 - 2012-10-23 10:23 - 00000000 ____D () C:\Program Files (x86)\eclipse
2014-08-26 12:21 - 2010-12-01 21:54 - 00000000 ____D () C:\Users\humm\AppData\Local\Eclipse
2014-08-26 11:28 - 2011-11-25 16:09 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014Core.job
2014-08-25 14:46 - 2013-08-14 15:46 - 00000000 _____ () C:\Windows\system32\vireng.log
2014-08-25 11:42 - 2010-04-05 16:03 - 00000000 ____D () C:\Users\humm\AppData\Local\TSVNCache
2014-08-25 11:28 - 2014-08-20 09:35 - 00045587 _____ () C:\Users\humm\Downloads\Addition.txt
2014-08-25 11:23 - 2014-08-25 11:27 - 00047642 _____ () C:\Users\humm\Desktop\FRST.txt
2014-08-25 11:23 - 2014-08-25 11:27 - 00045587 _____ () C:\Users\humm\Desktop\Addition.txt
2014-08-25 11:21 - 2014-08-25 11:21 - 00000000 ____D () C:\Users\humm\Downloads\FRST-OlderVersion
2014-08-25 11:21 - 2014-08-20 09:33 - 02103296 _____ (Farbar) C:\Users\humm\Downloads\FRST64.exe
2014-08-25 11:19 - 2014-08-25 11:19 - 00000755 _____ () C:\Users\humm\Desktop\JRT.txt
2014-08-25 11:12 - 2014-08-25 11:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 11:11 - 2014-08-25 11:11 - 01016261 _____ (Thisisu) C:\Users\humm\Downloads\JRT.exe
2014-08-25 11:07 - 2014-08-25 11:07 - 00001932 _____ () C:\Users\humm\Desktop\AdwCleaner[S2].txt
2014-08-25 11:02 - 2013-09-09 14:32 - 00012500 _____ () C:\Windows\PFRO.log
2014-08-25 11:00 - 2014-07-07 13:41 - 00000000 ____D () C:\AdwCleaner
2014-08-25 10:53 - 2014-08-25 10:53 - 01364531 _____ () C:\Users\humm\Downloads\adwcleaner_3.308.exe
2014-08-25 10:52 - 2014-08-25 10:52 - 00001140 _____ () C:\Users\humm\Desktop\mbam.txt
2014-08-25 10:30 - 2014-07-18 19:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 10:29 - 2014-08-25 10:29 - 00001112 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-25 10:29 - 2014-07-18 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-25 10:29 - 2014-07-18 19:02 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-25 10:26 - 2014-08-25 10:26 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\humm\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-25 09:58 - 2010-04-28 17:38 - 00000000 ____D () C:\Users\Public\Documents\VR-NetWorld
2014-08-25 09:56 - 2014-08-25 09:56 - 00504644 _____ () C:\Users\humm\Desktop\vrexport.csv
2014-08-24 13:36 - 2011-02-28 16:48 - 00000000 ____D () C:\Users\humm\AppData\Roaming\TopQuadrant
2014-08-24 13:35 - 2014-08-24 13:32 - 00000000 ____D () C:\Users\humm\Downloads\tbc-win32.win32.x86_64-4.1.0.v20121228-2356r
2014-08-24 13:27 - 2014-08-24 13:27 - 00000000 ____D () C:\Users\humm\Downloads\virtuoso-opensource-x64-20140217
2014-08-24 13:27 - 2014-08-24 13:26 - 18697285 _____ () C:\Users\humm\Downloads\virtuoso-opensource-x64-20140217.zip
2014-08-24 13:27 - 2014-08-24 13:20 - 179782726 _____ () C:\Users\humm\Downloads\tbc-win32.win32.x86_64-4.1.0.v20121228-2356r.zip
2014-08-23 11:44 - 2014-08-23 11:34 - 00000000 ____D () C:\Program Files (x86)\Protege_5.0_beta
2014-08-23 11:35 - 2014-08-23 11:35 - 00000000 ____D () C:\Users\humm\.Protege
2014-08-23 11:35 - 2014-08-23 11:34 - 00000000 ____D () C:\Users\humm\Downloads\protege-5.0.0-beta-15
2014-08-23 11:35 - 2010-04-05 13:06 - 00000000 ____D () C:\Users\humm
2014-08-23 11:33 - 2014-08-23 11:32 - 15289492 _____ () C:\Users\humm\Downloads\protege-5.0.0-beta-15.zip
2014-08-22 16:51 - 2010-04-06 18:28 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Skype
2014-08-22 14:03 - 2010-04-05 14:35 - 00000000 ____D () C:\Users\humm\.nbi
2014-08-22 13:53 - 2012-09-05 11:58 - 00000000 ____D () C:\Users\humm\AppData\Roaming\NetBeans
2014-08-22 13:53 - 2012-09-05 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-08-22 13:06 - 2014-08-22 13:01 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-08-22 13:03 - 2014-08-22 13:03 - 00002027 _____ () C:\Users\Public\Desktop\NetBeans IDE 8.0.lnk
2014-08-22 12:58 - 2014-08-22 12:57 - 219347792 _____ () C:\Users\humm\Downloads\netbeans-8.0-windows.exe
2014-08-22 12:46 - 2014-08-22 12:12 - 00000000 ____D () C:\Users\humm\.Zettelkasten
2014-08-22 12:13 - 2014-08-22 12:13 - 00000000 ____D () C:\Users\humm\AppData\Roaming\DL
2014-08-22 12:11 - 2014-08-22 12:11 - 03120141 _____ () C:\Users\humm\Downloads\Zettelkasten3_windows.zip
2014-08-22 12:11 - 2014-08-22 12:11 - 00000000 ____D () C:\Program Files (x86)\Zettelkasten3_windows
2014-08-22 11:22 - 2014-07-23 19:38 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Nico Mak Computing
2014-08-22 11:09 - 2014-08-22 11:09 - 00033004 _____ () C:\ComboFix.txt
2014-08-22 11:09 - 2014-08-22 10:39 - 00000000 ____D () C:\Qoobox
2014-08-22 11:09 - 2014-08-22 10:39 - 00000000 ____D () C:\ComboFix
2014-08-22 11:09 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-22 11:06 - 2014-08-22 10:38 - 00000000 ____D () C:\Windows\erdnt
2014-08-22 11:01 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-22 10:58 - 2009-07-14 04:34 - 93847552 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-08-22 10:58 - 2009-07-14 04:34 - 26738688 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-08-22 10:58 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-08-22 10:58 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-08-22 10:58 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-08-22 10:39 - 2014-08-22 10:38 - 00000000 ____D () C:\32788R22FWJFW
2014-08-22 10:37 - 2014-08-22 10:37 - 05572006 ____R (Swearware) C:\Users\humm\Desktop\ComboFix.exe
2014-08-22 10:37 - 2014-08-22 10:36 - 05572006 _____ (Swearware) C:\Users\humm\Downloads\ComboFix.exe
2014-08-20 19:15 - 2014-08-20 19:15 - 00160752 _____ () C:\Users\humm\Downloads\sparql (6)
2014-08-20 19:10 - 2014-08-20 19:10 - 10307800 _____ () C:\Users\humm\Downloads\sparql (5)
2014-08-20 19:08 - 2014-08-20 19:08 - 21135223 _____ () C:\Users\humm\Downloads\sparql (4)
2014-08-20 19:05 - 2014-08-20 19:05 - 00039682 _____ () C:\Users\humm\Downloads\sparql (3)
2014-08-20 18:53 - 2014-08-20 18:52 - 10307800 _____ () C:\Users\humm\Downloads\sparql (2)
2014-08-20 17:32 - 2014-08-20 17:32 - 00018799 _____ () C:\Users\humm\Downloads\sparql (1)
2014-08-20 17:28 - 2014-08-20 17:28 - 00012350 _____ () C:\Users\humm\Downloads\sparql
2014-08-20 15:02 - 2012-04-05 13:04 - 00000000 ____D () C:\Temp
2014-08-20 15:02 - 2011-03-22 15:04 - 00000000 ____D () C:\Program Files (x86)\OntoStudio-3.0.3-B893
2014-08-19 17:06 - 2014-08-19 17:06 - 00001719 _____ () C:\Users\humm\Downloads\Terminplan_SS14_IHU.ics
2014-08-18 15:44 - 2010-04-06 18:27 - 00000000 ____D () C:\ProgramData\Skype
2014-08-18 13:09 - 2014-07-23 20:04 - 00009902 _____ () C:\Users\humm\Desktop\log.xml
2014-08-18 12:22 - 2010-03-04 18:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-18 12:21 - 2013-08-07 19:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-18 12:16 - 2010-03-04 09:52 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-18 12:14 - 2014-07-09 19:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-18 10:11 - 2014-08-18 10:11 - 00001364 _____ () C:\Users\humm\Downloads\cacert.crt
2014-08-17 20:00 - 2014-05-27 10:14 - 00001026 _____ () C:\Users\humm\Desktop\Dropbox.lnk
2014-08-17 20:00 - 2011-02-07 13:24 - 00000000 ____D () C:\Users\humm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-07 17:08 - 2014-08-07 17:08 - 00000688 _____ () C:\Users\humm\Downloads\TerminExport_140028468tuw133.ics
2014-08-07 13:38 - 2014-08-07 13:38 - 00292880 _____ () C:\Windows\Minidump\080714-30872-01.dmp
2014-08-07 03:52 - 2014-08-17 20:12 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:46 - 2014-08-17 20:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 12:04 - 2014-08-05 12:04 - 00003146 _____ () C:\Windows\System32\Tasks\{7316B325-C691-4BA3-A54E-F0B70D944370}
2014-08-05 12:02 - 2010-04-28 17:38 - 00000000 ____D () C:\Program Files (x86)\VR-NetWorld
2014-08-05 12:01 - 2014-08-05 12:01 - 00001048 _____ () C:\Users\Public\Desktop\VR-NetWorld.lnk
2014-08-05 11:59 - 2014-08-05 11:58 - 42988342 _____ (Volksbanken Raiffeisenbanken ) C:\Users\humm\Downloads\VRNetWorldSW_51311.exe
2014-08-05 09:20 - 2010-03-04 09:42 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\humm\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps9hcmb.dll
C:\Users\humm\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03
Ran by humm at 2014-08-26 16:44:15
Running from C:\Users\humm\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Sophos Anti-Virus (Disabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Anti-Virus (Disabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.10 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0910-000001000000}) (Version: 9.10.00.0 - Igor Pavlov)
Acronis*True*Image*Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.6053 - Acronis)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Allegro CL 9.0 Free Express Edition Express (HKLM-x32\...\Allegro CL 9.0 Free Express Edition Express) (Version: - )
ASUS U3100MINI PLUS V2 (HKLM-x32\...\TVRTLDrv) (Version: - )
ATMinInstall64 (Version: 7.10.0.1129 - AuthenTec) Hidden
AutoHotkey 1.1.03.00 (HKLM-x32\...\AutoHotkey) (Version: 1.1.03.00 - AutoHotkey Community)
BioAPI Framework (Version: 1.0.1 - Dell Inc.) Hidden
Brother HL-3040CN (HKLM-x32\...\{6F7A1B18-5EB3-4827-8644-19BD1277B9B8}) (Version: 1.00 - Brother)
BS64MMWrapper (Version: 1.6.453.66 - Broadcom Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.7.1893 - CDBurnerXP)
Cisco WebEx Meeting Center für Firefox oder Chrome (HKLM-x32\...\{50B62367-6210-45E4-AA1E-A0532926E429}) (Version: 8.29.3201 - Cisco WebEx LLC)
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citavi (HKLM-x32\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.1.15.0 - Swiss Academic Software)
Citrix Presentation Server Client - Web Only (HKLM-x32\...\{C49067A8-8212-4A82-A4D9-1519701644F0}) (Version: 10.100.55836 - Citrix Systems, Inc.)
DCP64MMWrapper (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
Dell Control Point 64 (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Dell ControlPoint Connection Manager 64 (HKLM\...\{CE964618-AED2-4304-AC75-2EF8D0B47ECC}) (Version: 1.4.0 - Ihr Firmenname)
Dell ControlPoint Security Manager (HKLM-x32\...\{F4487649-7368-4217-AEA3-1E04DB3E2C5C}) (Version: 1.6.453.66 - Dell Inc.)
Dell ControlPoint System Manager (HKLM\...\{87EBE6AA-E4AA-4F3B-975C-72575C660BE7}) (Version: 1.4.00000 - Dell Inc.)
Dell ControlVault Host Components Installer 64Bit (Version: 1.7.450.290 - Broadcom Corporation) Hidden
Dell Embassy Trust Suite by Wave Systems (Version: 02.05.00.058 - Wave Systems Corp) Hidden
Dell Security Device Driver Pack (HKLM-x32\...\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}) (Version: 1.4.050 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.102.101.230 - ALPS ELECTRIC CO., LTD.)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen)
EMBASSY Security Center Lite (Version: 04.01.00.029 - Ihr Firmenname) Hidden
EMBASSY Security Center Lite (x32 Version: - ) Hidden
EMBASSY Security Setup (Version: 04.01.00.028 - Ihr Firmenname) Hidden
EMBASSY Security Setup (x32 Version: - ) Hidden
ESC Home Page Plugin (Version: 04.01.00.004 - Ihr Firmenname) Hidden
ESC Home Page Plugin (x32 Version: - ) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.2.6 - Telerik)
FileZilla Client 3.3.2 (HKLM-x32\...\FileZilla Client) (Version: 3.3.2 - )
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Gemalto (Version: 01.64.00.0010 - Wave Systems Corp) Hidden
Ghost Control 3.0.6 (HKLM-x32\...\Ghost Control_is1) (Version: - N.R.S.)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4286E640-B5FB-11DF-AC4B-005056C00008}) (Version: 5.2.1.1588 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript 8.71 (HKLM-x32\...\GPL Ghostscript 8.71) (Version: - )
Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB944899) (Version: 1 - Microsoft Corporation)
Integrated Webcam Driver (1.03.02.0919) (HKLM\...\Creative OA001) (Version: - )
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.1 - Intel)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 8 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418000FF}) (Version: 8.0.0 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.00.129 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
Java(TM) 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.350 - Oracle)
Java(TM) SE Development Kit 6 Update 26 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160260}) (Version: 1.6.0.260 - Oracle)
Java(TM) SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
JavaFX(TM) 1.2 SDK (HKLM-x32\...\{5aa47dba-b584-4d47-a626-76e53f010203}) (Version: 1.2.3 - Sun Microsystems, Inc.)
JetBrains PyCharm 2.7.3 (HKLM-x32\...\PyCharm 2.7.3) (Version: 129.782 - JetBrains s.r.o.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MCE Software Encoder 1.1 (HKLM-x32\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.2323 - CyberLink Corporation)
Media Player Classic - Home Cinema v. 1.3.1249.0 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: - ) <==== ATTENTION
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Standard 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Visio MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Project Standard 2010 (HKLM-x32\...\Office14.PRJSTD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu (HKLM\...\{DE2C9D5F-C55C-30E8-9322-2B8E8B5DF87C}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
MiKTeX 2.8 (HKLM-x32\...\MiKTeX 2.8) (Version: 2.8 - MiKTeX.org)
Mindjet MindManager Viewer 7 (HKLM-x32\...\{8E55813F-2FA3-47E8-9AF9-31DC0B4AE3ED}) (Version: 7.1.394 - Mindjet LLC)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Server 5.1 (HKLM\...\{DE35700E-4D3C-41A5-8BF0-44A5FDE4A6C5}) (Version: 5.1.59 - MySQL AB)
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.6 - )
NTRU TCG Software Stack (Version: 2.1.29 - NTRU Cryptosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.54.32 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\nView Desktop Manager) (Version: - )
OpenOffice.org 3.2 (HKLM-x32\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.212.0 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Preboot Manager (Version: 03.01.00.036 - Wave Systems Corp.) Hidden
Python 3.3.2 (64-bit) (HKLM\...\{9fa9a2a6-19e4-381a-8af3-f8cf12f0dcf0}) (Version: 3.3.2150 - Python Software Foundation)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Schriftart Hochschule Darmstadt (HKLM-x32\...\{F269C6FD-4675-40D5-85C1-27D5DB39B4CC}) (Version: 1.0 - Default Manufacturer)
Service Pack 1 für SQL Server 2008 (KB 968369) (HKLM-x32\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Slik Subversion 1.8.5 (x64) (HKLM\...\{F69D8404-BCB7-43E4-ACA5-B5D26A2A7C53}) (Version: 1.8.5.0 - SlikSvn & The SharpSvn Project)
SO64MMWrapper (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.1.18 - Sophos Limited)
Sql Server Customer Experience Improvement Program (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
StarUML 5.0.2.1570 (HKLM-x32\...\StarUML_is1) (Version: - Plastic Software, Inc.)
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.1.10408 - TeamViewer GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
TeXnicCenter Version 1.0 Stable RC1 (HKLM-x32\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
tools-linux (x32 Version: 9.2.3.1031769 - VMware, Inc.) Hidden
TortoiseSVN 1.8.4.24972 (64 bit) (HKLM\...\{A2EFDE01-96B3-4E55-8834-81617ED6BCBE}) (Version: 1.8.24972 - TortoiseSVN)
TreeSize Free V2.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.5 - JAM Software)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1 - TrueCrypt Foundation)
Trusted Drive Manager (Version: 3.3.0.396 - Wave Systems Corp.) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM-x32\...\{877B3198-1C6B-4A9A-8D28-BE4F6040987F}) (Version: 10.1.2531.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJSTD_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003A-0000-0000-0000000FF1CE}_Office14.PRJSTD_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJSTD_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJSTD_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJSTD_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
UPEK TouchChip Fingerprint Reader (Version: 1.2.0 - Dell Inc.) Hidden
UTAX TA Product Library (HKLM\...\UTAX TA Product Library) (Version: 2.0.0713 - Kyocera Mita Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.2 - VMware, Inc)
VMware Player (Version: 5.0.2 - VMware, Inc.) Hidden
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version: - )
Wave Infrastructure Installer (Version: 07.65.19.0000 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.11.00.033 - Ihr Firmenname) Hidden
Wave Support Software (x32 Version: - ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live ID-Anmelde-Assistent (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
WordNet 2.1 (HKLM-x32\...\{58582B88-0260-4C80-9A89-8CA0923AFD26}) (Version: 2.1 - Princeton University Cognitive Science Laboratory)
XAMPP 1.8.1 (HKLM-x32\...\xampp) (Version: - )
XMind 2013 (v3.4.0) (HKLM-x32\...\XMind_is1) (Version: 3.4.0.201311050558 - XMind Ltd.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\humm\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981756314-3708649137-1025281987-1014_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\humm\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-08-22 11:00 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1E34E4DC-A454-49A1-B3E1-1E637A3474EA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014UA => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25] (Google Inc.)
Task: {5B58430D-2312-481C-A0F1-F226F66EA39A} - System32\Tasks\{DFFDEF7C-2F48-44F9-A85A-1FE5BACC5739} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {814EF0A8-9A18-43A6-A97C-488EFC174306} - System32\Tasks\{090F2998-D097-4CD3-8A97-C89AE5E59AB6} => E:\DELL-Install\2-Diverses\03-CD-Burner\CD Burner XP 4.2.7.1801.exe
Task: {95A41ECC-313A-4987-B4A7-F7639DF8D847} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {CCDA4829-88A0-4922-B351-398B587DADB1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014Core => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25] (Google Inc.)
Task: {FEEA4BB5-EC4C-4F7C-B062-03D9D568AE84} - System32\Tasks\{F4C90DB0-FA16-49E5-B41C-2C1B077F9F21} => E:\setup.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014Core.job => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3981756314-3708649137-1025281987-1014UA.job => C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2009-09-21 16:04 - 2009-09-21 16:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-04-20 17:13 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2009-11-15 20:31 - 2009-11-15 20:31 - 00050688 _____ () C:\Program Files\VPN Client\dtpd.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00026624 _____ () C:\Program Files\VPN Client\libidb.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00013312 _____ () C:\Program Files\VPN Client\liblog.dll
2009-11-15 20:23 - 2009-11-15 20:23 - 00017920 _____ () C:\Program Files\VPN Client\libith.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00119296 _____ () C:\Program Files\VPN Client\libip.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034816 _____ () C:\Program Files\VPN Client\libvflt.dll
2009-11-15 20:25 - 2009-11-15 20:25 - 00019456 _____ () C:\Program Files\VPN Client\libdtp.dll
2009-11-15 20:28 - 2009-11-15 20:28 - 00948224 _____ () C:\Program Files\VPN Client\iked.exe
2009-11-15 20:24 - 2009-11-15 20:24 - 00030720 _____ () C:\Program Files\VPN Client\libpfk.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00034304 _____ () C:\Program Files\VPN Client\libvnet.dll
2009-11-15 20:24 - 2009-11-15 20:24 - 00028160 _____ () C:\Program Files\VPN Client\libike.dll
2009-11-15 20:26 - 2009-11-15 20:26 - 00690688 _____ () C:\Program Files\VPN Client\ipsecd.exe
2010-03-04 10:12 - 2009-11-12 14:48 - 00071096 _____ () C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-11-24 14:37 - 2013-11-24 14:37 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2013-11-24 14:36 - 2013-11-24 14:36 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2009-11-25 01:36 - 2009-11-25 01:36 - 00125440 _____ () C:\Program Files (x86)\Notepad++\NppShell_01.dll
2009-11-13 09:32 - 2009-11-13 09:32 - 00013824 _____ () C:\Windows\system32\Wavx_ESC_Logging.dll
2008-11-12 14:29 - 2008-11-12 14:29 - 00004608 _____ () C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_DEU.dll
2014-08-26 16:38 - 2014-08-26 16:38 - 00854417 _____ () C:\Users\humm\Downloads\SecurityCheck.exe
2009-12-22 12:21 - 2009-12-22 12:21 - 00128512 _____ () C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMBIOSController.dll
2014-08-26 12:55 - 2014-08-26 12:55 - 00043008 _____ () c:\users\humm\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps9hcmb.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\humm\AppData\Roaming\Dropbox\bin\libcef.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2010-10-25 15:13 - 2010-10-25 15:13 - 02893216 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2010-10-25 15:15 - 2010-10-25 15:15 - 01445888 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2010-02-21 18:33 - 2010-02-21 18:33 - 00094208 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-11-24 13:48 - 2013-11-24 13:48 - 00065264 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 00718152 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 00126280 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 08537928 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 00353096 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-17 20:01 - 2014-08-07 05:20 - 01732936 _____ () C:\Users\humm\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2010-10-25 15:15 - 2010-10-25 15:15 - 00105984 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU
2013-11-24 13:48 - 2013-11-24 13:48 - 00071408 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2009-09-14 02:06 - 2009-09-14 02:06 - 00204800 _____ () C:\Program Files (x86)\Notepad++\plugins\ComparePlugin.dll
2008-09-06 14:51 - 2008-09-06 14:51 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2007-08-05 03:10 - 2007-08-05 03:10 - 00250368 _____ () C:\Program Files (x86)\Notepad++\plugins\Config\tidy\libTidy.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TdmNotify.lnk => C:\Windows\pss\TdmNotify.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk => C:\Windows\pss\TMMonitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VR-NetWorld Auftragsprüfung.lnk => C:\Windows\pss\VR-NetWorld Auftragsprüfung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^humm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: BrStsWnd => C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_Plugin.exe -update plugin
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files (x86)\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: Ghost Control => "C:\Program Files (x86)\Ghost Control\ghost.exe" -startup
MSCONFIG\startupreg: Google Update => "C:\Users\humm\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: VMware hqtray => "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
==================== Faulty Device Manager Devices =============
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/26/2014 04:42:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (08/26/2014 00:58:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (08/26/2014 00:45:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (08/26/2014 00:44:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (08/26/2014 00:44:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error: (08/25/2014 11:28:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 24.8.2014.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 17ac
Startzeit: 01cfc04605d6abef
Endzeit: 3
Anwendungspfad: C:\Users\humm\Downloads\FRST64.exe
Berichts-ID:
System errors:
=============
Error: (08/26/2014 02:21:49 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (08/26/2014 00:53:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apache Tomcat Tomcat7" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/26/2014 00:53:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%0
Error: (08/26/2014 00:53:00 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000003b (0x00000000c0000005, 0xfffff8000397e1bd, 0xfffff8800dec9e80, 0x0000000000000000)C:\Windows\MEMORY.DMP082614-24258-01
Error: (08/26/2014 00:52:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Sophos Cleanup Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/26/2014 00:52:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 26.08.2014 um 12:51:25 unerwartet heruntergefahren.
Error: (08/25/2014 11:39:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apache Tomcat Tomcat7" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (08/25/2014 11:39:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%0
Error: (08/25/2014 11:38:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Sophos Cleanup Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (02/24/2014 02:19:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 12741 seconds with 960 seconds of active time. This session ended with a crash.
|
|
27.08.2014, 10:04
| #10 |
| /// the machine /// TB-Ausbilder | Windows 7: CPU Auslastung 100% Java und Adobe updaten. Unbedingt Windows updaten, da fehlt ein ganzes Servicepack!! Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.08.2014, 18:44
| #11 |
| | Windows 7: CPU Auslastung 100% Alles erledigt :-) P.S. selbstverständlich lasse ich Windows Updates regelmäßig zu. Allerdings hat das SP Update immer wieder Fehler geworfen. Ich habe bereits einige Microsoft-Empfehlungen befolgt, aber das hat leider nicht gefruchtet :-( Herzlichen Dank für die prompten Antworten und die kompetente Hilfe! Dies ist ein toller Service. Gerne habe ich Euch auch eine Spende zukommen lassen. |
|
28.08.2014, 08:38
| #12 |
| /// the machine /// TB-Ausbilder | Windows 7: CPU Auslastung 100% Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7: CPU Auslastung 100% |
| 100%, adware, antimalware, appdata, auslastung, code, cpu, cpu auslastung 100%, cpu-auslastung, datei, firefox, google, infektion, logfile, malwarebytes, microsoft, problem, registry, scan, schließen, software, sophos, system, werbung, windows, windows7 einfrieren prozessor 100% |
WARNUNG an die MITLESER: 
Linear-Darstellung
