Log analysis and evaluation: Virus removed, requesting analysis of whether the computer is now clean

21.01.2015, 22:15   #1
fump
 
hi @ all,

I caught something today and I'm not sure whether I got all of it. It was all triggered by a file that promised a patch for a problem: https://www.virustotal.com/de/file/e792e0d93187671bbbc3eed511d5b80ef4a8da8bb532422a83aaaba2e4f81667/analysis/1421855432/

I became suspicious when nothing happened after starting it and the file simply disappeared from the directory. So I extracted it from the archive again and had it checked on that site, with that result.
The whole thing did not ask for admin rights, though, and ran with user rights at most, so to speak, since I have UAC set all the way to the top.

Then I immediately looked in the registry and, lo and behold, a nice new entry in the Run area, which was recreated every time I deleted it.
So I used Process Explorer to see which process was creating the entry. I found it; the culprit was C:\Windows\SysWOW64\svchost.exe. There were also 3 of them running with user rights. I killed them all and deleted the entry ... it did not come back. Likewise all folders newly created during that period in the directory "C:\Users\***\AppData\Roaming".

After that I checked MSconfig and the services, nothing suspicious left to find.

After that I noticed no more suspicious activity and rebooted. Everything looks normal again, except that I noticed conhost.exe is suddenly there as a child process of csrss.exe. However, it is often said that this is OK, but sometimes not. The exe is also located where it should be.

So, I ran scans with the ESET Online Scanner:

Code:
C:\Documents and Settings\****\Anwendungsdaten\Mozilla\Firefox\Profiles\jaqy80h6.default\prefs.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
C:\Documents and Settings\****\Anwendungsdaten\Mozilla\Firefox\Profiles\jaqy80h6.default\user.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
C:\Documents and Settings\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\prefs.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
C:\Documents and Settings\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\user.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Firefox\Profiles\jaqy80h6.default\prefs.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\****\Anwendungsdaten\Mozilla\Firefox\Profiles\jaqy80h6.default\user.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\prefs.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
C:\Dokumente und Einstellungen\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\user.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
C:\Users\****\Anwendungsdaten\Mozilla\Firefox\Profiles\jaqy80h6.default\prefs.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
C:\Users\****\Anwendungsdaten\Mozilla\Firefox\Profiles\jaqy80h6.default\user.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\prefs.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\user.js	JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung
Arbeitsspeicher	Win32/HideWindow potenziell unsichere Anwendung
         
What gives me pause here is the entry "Arbeitsspeicher Win32/HideWindow potenziell unsichere Anwendung".

HijackThis Log:

Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:46:49, on 21.01.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)

FIREFOX: 15.0.1 (de)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\AIM\aim.exe
C:\Users\****\AppData\Roaming\ICQM\icq.exe
E:\Skype\Phone\Skype.exe
X:\Razer\DeathAdder\razerhid.exe
X:\Acronis\TrueImageHome\TrueImageMonitor.exe
X:\DVBViewer\Scheduler.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
X:\Razer\DeathAdder\razertra.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
X:\uTorrent\utorrent.exe
X:\Razer\DeathAdder\razerofa.exe
X:\Razer\DeathAdder\vdDaemon.exe
E:\mIRC1\mirc.exe
X:\Microsoft Office\OFFICE11\OUTLOOK.EXE
Z:\Steam\Steam.exe
Z:\Steam\bin\steamwebhelper.exe
Z:\Steam\bin\steamwebhelper.exe
E:\Firefox\firefox.exe
E:\Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
X:\DVBViewer\dvbviewer.exe
G:\BittorrendFiles\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - X:\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [DeathAdder] X:\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [BrStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "X:\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe" "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware "
O4 - HKCU\..\Run: [NetLimiter] X:\NetLimiter 3\NLClientApp.exe /tray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [ICQ] C:\Users\****\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [Skype] "E:\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Microsoft Office Outlook 2003.lnk = ?
O4 - Startup: Scheduler.exe - Verknüpfung.lnk = X:\DVBViewer\Scheduler.exe
O4 - Startup: utorrent.lnk = X:\uTorrent\utorrent.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://X:\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - X:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\****\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\****\AppData\Roaming\ICQM\icq.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5221C4C4-43C0-4140-BAA3-DCABF2A416D1}: NameServer = 192.168.0.250
O17 - HKLM\System\CS1\Services\Tcpip\..\{5221C4C4-43C0-4140-BAA3-DCABF2A416D1}: NameServer = 192.168.0.250
O17 - HKLM\System\CS2\Services\Tcpip\..\{5221C4C4-43C0-4140-BAA3-DCABF2A416D1}: NameServer = 192.168.0.250
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Unknown owner - C:\AMD\amdacpusrsvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - Y:\Steam_Games_Y\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark - X:\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - X:\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\NAV.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NetLimiter 3 Service (nlsvc) - Locktime Software - X:\NetLimiter 3\nlsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - X:\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10539 bytes
         
Panda Cloud Cleaner:

Quote:
to follow

As my regular virus scanner I have Norton Antivirus, but it didn't raise an alarm the whole time, which I find rather poor!


What is your opinion? Is the PC reasonably safe again? What would the virus have done? Is anything known about that?

Edited by fump (21.01.2015 at 22:55)

21.01.2015, 23:28   #2
Bootsektor
Rest in peace
† 2019
 
My name is Sandra and I will be helping you with your problem.
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please run only the scans that I ask you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Post the log files directly in your thread in code tags.
  • Bear in mind that all of us here do this in our free time; if you don't hear from me within 2 days, please send me a PM.

Note: I can never give you a guarantee that I will find everything. Formatting is usually the quicker way and, with a malware infection, always the safest. Adware can be removed without problems in the vast majority of cases.
If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.

Posting in code tags
Please always put the logs in code tags. If you don't, it makes the analysis much harder for me. Thanks.
To do this:
  • Click the hash sign # above the reply box; CODE /CODE will then appear there in square brackets [].
  • Paste your log files between the two code elements, i.e. CODE logfile /CODE
  • If the logs are too long, split them up and post them here in your thread, in several replies if necessary.

We have not used HijackThis for analysis for a long time.
Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


22.01.2015, 03:06   #3
fump
 

Hello Sandra, here are the requested log files; the Panda scan ran in parallel and is still running

Edit: OK, this Panda Cloud scan is buggy; it never finishes and keeps scanning the same data in a loop

FRST.TXT


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by **** (administrator) on SEBASTIAN on 22-01-2015 00:31:21
Running from C:\Users\****\Desktop
Loaded Profiles: **** & RettungsAdmin & Administrator (Available profiles: **** & RettungsAdmin & Administrator)
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Symantec Corporation) X:\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Locktime Software) X:\NetLimiter 3\nlsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) X:\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Locktime Software) X:\NetLimiter 3\NLClientApp.exe
(AOL Inc.) C:\Program Files (x86)\AIM\aim.exe
(ICQ) C:\Users\****\AppData\Roaming\ICQM\icq.exe
(Skype Technologies S.A.) E:\Skype\Phone\Skype.exe
() X:\Razer\DeathAdder\razerhid.exe
(Acronis) X:\Acronis\TrueImageHome\TrueImageMonitor.exe
() X:\DVBViewer\Scheduler.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() X:\Razer\DeathAdder\razertra.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(BitTorrent Inc.) X:\uTorrent\uTorrent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Razer Inc.) X:\Razer\DeathAdder\razerofa.exe
() X:\Razer\DeathAdder\vdDaemon.exe
(mIRC Co. Ltd.) E:\mIRC1\mirc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Valve Corporation) Z:\Steam\Steam.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(VideoLAN) X:\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) E:\Firefox\firefox.exe
(Mozilla Corporation) E:\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe
() E:\MSI Afterburner\MSIAfterburner.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) X:\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) X:\Microsoft Office\OFFICE11\WINWORD.EXE
() G:\BittorrendFiles\PandaCloudCleaner\PCloudCleaner.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391296 2010-08-21] (Acronis)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DeathAdder] => X:\Razer\DeathAdder\razerhid.exe [248320 2011-03-21] ()
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695984 2011-03-25] (brother)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => X:\Acronis\TrueImageHome\TrueImageMonitor.exe [5493736 2010-08-21] (Acronis)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [NetLimiter] => X:\NetLimiter 3\NLClientApp.exe [2910208 2011-03-21] (Locktime Software)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [Aim] => C:\Program Files (x86)\AIM\aim.exe [4331392 2012-05-30] (AOL Inc.)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [ICQ] => C:\Users\****\AppData\Roaming\ICQM\icq.exe [33664344 2014-01-01] (ICQ)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [Skype] => E:\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\MountPoints2: {da2275a3-f75f-11e0-861d-806e6f6e6963} - H:\auto.exe
HKU\S-1-5-21-3438649541-831985882-319497044-1008\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3438649541-831985882-319497044-500\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk
ShortcutTarget: Microsoft Office Outlook 2003.lnk -> C:\Windows\Installer\{90110407-6000-11D3-8CFE-0150048383C9}\outicon.exe ()
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Scheduler.exe - Verknüpfung.lnk
ShortcutTarget: Scheduler.exe - Verknüpfung.lnk -> X:\DVBViewer\Scheduler.exe ()
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\utorrent.lnk
ShortcutTarget: utorrent.lnk -> X:\uTorrent\uTorrent.exe (BitTorrent Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3438649541-831985882-319497044-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3438649541-831985882-319497044-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3438649541-831985882-319497044-1008\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> X:\Java\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> X:\Java\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> X:\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{5221C4C4-43C0-4140-BAA3-DCABF2A416D1}: [NameServer] 192.168.0.250

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default
FF Homepage: about:blank
FF NetworkProxy: "backup.ftp", "72.64.146.136"
FF NetworkProxy: "backup.ftp_port", 43
FF NetworkProxy: "backup.gopher", "130.241.126.4"
FF NetworkProxy: "backup.gopher_port", 8000
FF NetworkProxy: "backup.socks", "72.64.146.136"
FF NetworkProxy: "backup.socks_port", 43
FF NetworkProxy: "backup.ssl", "72.64.146.136"
FF NetworkProxy: "backup.ssl_port", 43
FF NetworkProxy: "ftp", "207.211.15.134"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "35.9.27.27"
FF NetworkProxy: "gopher_port", 3128
FF NetworkProxy: "http", "207.211.15.134"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "207.211.15.134"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "207.211.15.134"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> X:\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> X:\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Acrobat -> X:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> X:\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3438649541-831985882-319497044-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3438649541-831985882-319497044-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\user.js
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\searchplugins\blasc.xml
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\searchplugins\rollyo-1-63680.xml
FF Extension: Move Media Player - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\moveplayer@movenetworks.com [2011-10-15]
FF Extension: DownloadHelper - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: CanvasBlocker - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\CanvasBlocker@kkapsner.de.xpi [2014-12-06]
FF Extension: Classic Theme Restorer - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-04-29]
FF Extension: Ghostery - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\firefox@ghostery.com.xpi [2013-08-21]
FF Extension: NoScript - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-10-04]
FF Extension: Modify Headers - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2014-07-16]
FF Extension: Adblock Plus - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-04]
FF Extension: Greasemonkey - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-07-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - X:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - X:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-09-08]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-04]
FF StartMenuInternet: FIREFOX.EXE - E:\Firefox\firefox.exe

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-08] (Adobe Systems) [File not signed]
S2 amdacpusrsvc; C:\AMD\amdacpusrsvc.exe [112640 2014-08-11] () [File not signed]
S3 DAUpdaterSvc; Y:\Steam_Games_Y\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-03-29] (BioWare)
S3 Futuremark SystemInfo Service; X:\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (Futuremark)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NAV; X:\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
R2 nlsvc; X:\NetLimiter 3\nlsvc.exe [1845248 2011-03-21] (Locktime Software) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4868640 2013-08-25] (INCA Internet Co., Ltd.)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-07] ()
S2 SkypeUpdate; E:\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
R3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2014-10-15] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [293088 2014-09-15] (Advanced Micro Devices)
R1 BHDrvx64; X:\Norton AntiVirus\Norton AntiVirus\NortonData\21.0.2.1\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S3 CrystalSysInfo; G:\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys [10240 2005-09-19] () [File not signed]
R3 DAdderFltr; C:\Windows\System32\drivers\dadder.sys [12032 2010-04-19] (Razer (Asia-Pacific) Pte Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R2 ei2c; C:\Windows\system32\drivers\ei2c.sys [20784 2013-08-08] (Nicomsoft Ltd.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-01-13] (Symantec Corporation)
S3 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [769816 2011-07-09] (www.ext2fsd.com)
S3 GPUZ; C:\Windows\TEMP\GPUZ.sys [27008 2014-08-01] ()
R1 IDSVia64; X:\Norton AntiVirus\Norton AntiVirus\NortonData\21.0.2.1\Definitions\IPSDefs\20150120.001\IDSvia64.sys [668888 2015-01-09] (Symantec Corporation)
U0 lmiq; C:\Windows\System32\drivers\xbsrnsot.sys [79064 2015-01-21] (Malwarebytes Corporation)
R3 NAVENG; X:\Norton AntiVirus\Norton AntiVirus\NortonData\21.0.2.1\Definitions\VirusDefs\20150120.034\ENG64.SYS [129752 2015-01-20] (Symantec Corporation)
R3 NAVEX15; X:\Norton AntiVirus\Norton AntiVirus\NortonData\21.0.2.1\Definitions\VirusDefs\20150120.034\EX64.SYS [2137304 2015-01-20] (Symantec Corporation)
R1 nltdi; X:\NetLimiter 3\nltdi.sys [88200 2011-03-21] (Locktime Software)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 RivaTuner64; X:\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2012-01-29] ()
R3 RTCore64; E:\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 SKYNET; C:\Windows\System32\DRIVERS\SkyNET_AMD64.SYS [617048 2010-05-10] (TechniSat Digital, S.A.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-10-15] () [File not signed]
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 tbwkern; C:\Windows\System32\DRIVERS\tbwkern.sys [32848 2011-06-13] () [File not signed]
U5 UnlockerDriver5; E:\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation)
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2014-08-13] (Microsoft Corporation)
U3 axtdoq5i; C:\Windows\System32\Drivers\axtdoq5i.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S2 ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys [X]
U2 ccEvtMgr; No ImagePath
U2 ccSetMgr; No ImagePath
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\E:\PC Wizard 2013\pcwiz_x64.sys [X]
R0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
U3 navapsvc; No ImagePath
S3 PRLVNIC; system32\DRIVERS\prl_vnic.sys [X]
S2 prl_net; system32\DRIVERS\prl_net.sys [X]
U3 SAVRT; No ImagePath
U1 SAVRTPEL; No ImagePath
U3 TlntSvr; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-22 00:31 - 2015-01-22 00:31 - 00023532 _____ () C:\Users\****\Desktop\FRST.txt
2015-01-22 00:31 - 2015-01-22 00:31 - 00000000 ____D () C:\FRST
2015-01-22 00:01 - 2015-01-22 00:01 - 02126848 _____ (Farbar) C:\Users\****\Desktop\frst64.exe
2015-01-21 21:57 - 2013-04-29 09:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-01-21 20:10 - 2015-01-21 20:10 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-21 18:54 - 2015-01-21 18:54 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\xbsrnsot.sys
2015-01-21 18:39 - 2015-01-21 18:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-20 16:43 - 2015-01-21 17:42 - 00000250 _____ () C:\Windows\Tasks\TELE 5 22-01-2015 22-10-00 WWE RAW.job
2015-01-20 16:43 - 2015-01-21 17:42 - 00000250 _____ () C:\Windows\Tasks\TELE 5 22-01-2015 22-08-00 WWE RAW.job
2015-01-20 16:43 - 2015-01-20 16:44 - 00002864 _____ () C:\Windows\System32\Tasks\TELE 5 22-01-2015 22-10-00 WWE RAW
2015-01-20 16:43 - 2015-01-20 16:44 - 00002864 _____ () C:\Windows\System32\Tasks\TELE 5 22-01-2015 22-08-00 WWE RAW
2015-01-13 19:04 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 19:04 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 19:04 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 19:04 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 19:04 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 19:04 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 19:04 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 19:04 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 19:04 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 19:04 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 19:04 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 19:04 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 19:04 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 19:04 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-13 19:04 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-13 18:44 - 2015-01-13 18:44 - 00289914 ____N () C:\Windows\Minidump\011315-24086-01.dmp
2015-01-13 17:37 - 2014-11-03 20:37 - 00797456 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2015-01-13 17:37 - 2014-11-03 20:37 - 00387344 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2015-01-13 01:37 - 2015-01-13 01:37 - 00000000 ____D () C:\Users\****\AppData\Roaming\RenPy
2015-01-11 00:52 - 2015-01-11 00:52 - 00000000 ____D () C:\Users\****\AppData\Roaming\Frontier Developments
2015-01-11 00:52 - 2015-01-11 00:52 - 00000000 ____D () C:\Users\****\AppData\Local\Frontier Developments
2015-01-10 22:17 - 2015-01-10 22:17 - 06388344 _____ (Tim Kosse) C:\Users\****\Downloads\FileZilla_3.10.0_win32-setup.exe
2015-01-10 14:41 - 2015-01-10 14:41 - 00000000 ____D () C:\Users\****\AppData\Local\Frontier_Developments
2015-01-10 14:40 - 2015-01-10 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elite Dangerous
2015-01-07 21:16 - 2015-01-07 21:16 - 00000835 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2015-01-07 21:15 - 2015-01-07 21:15 - 00000000 ____D () C:\Users\****\AppData\Local\gtk-2.0
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\RettungsAdmin\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\****\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\Administrator\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-01-03 14:16 - 2015-01-13 18:51 - 00001275 _____ () C:\Users\****\Desktop\NAS 540.lnk
2014-12-30 17:03 - 2014-12-30 17:03 - 00000000 ____D () C:\Program Files (x86)\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-22 00:28 - 2013-05-15 12:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-22 00:07 - 2011-10-15 22:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Skype
2015-01-21 23:44 - 2009-07-14 05:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-21 23:44 - 2009-07-14 05:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-21 18:35 - 2012-01-29 18:47 - 00000000 ____D () C:\Users\****\.VirtualBox
2015-01-21 17:46 - 2010-11-21 07:22 - 00703012 _____ () C:\Windows\system32\perfh007.dat
2015-01-21 17:46 - 2010-11-21 07:22 - 00150952 _____ () C:\Windows\system32\perfc007.dat
2015-01-21 17:46 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 17:45 - 2011-10-15 20:07 - 01847258 _____ () C:\Windows\WindowsUpdate.log
2015-01-21 17:42 - 2014-08-12 17:14 - 00017208 _____ () C:\Windows\setupact.log
2015-01-21 17:42 - 2011-10-16 01:24 - 00000105 _____ () C:\Windows\Brownie.ini
2015-01-21 17:42 - 2010-11-21 04:47 - 107818298 _____ () C:\Windows\PFRO.log
2015-01-21 17:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-21 17:41 - 2014-07-22 14:38 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-01-21 00:10 - 2012-11-22 07:20 - 00000000 ____D () C:\Users\****\AppData\Local\CrashDumps
2015-01-21 00:10 - 2011-10-17 19:15 - 00000000 ____D () C:\Users\****\AppData\Roaming\vlc
2015-01-20 12:58 - 2011-10-19 17:38 - 00000000 ____D () C:\Users\****\AppData\Local\Eraser
2015-01-20 03:00 - 2013-01-01 14:21 - 00000000 ____D () C:\Users\****\AppData\Roaming\ICQM
2015-01-19 16:18 - 2011-10-16 01:25 - 00000432 _____ () C:\Windows\BRWMARK.INI
2015-01-17 17:32 - 2014-12-10 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-01-17 17:24 - 2011-10-16 01:50 - 00000000 ____D () C:\Users\****\Desktop\Tools
2015-01-17 17:15 - 2012-10-29 23:12 - 00000000 ____D () C:\Users\****\AppData\Local\Loksim3D
2015-01-17 17:13 - 2014-11-27 19:04 - 00000549 _____ () C:\Users\Public\Desktop\Loksim3D.lnk
2015-01-17 17:13 - 2014-11-27 19:04 - 00000549 _____ () C:\ProgramData\Desktop\Loksim3D.lnk
2015-01-17 17:13 - 2013-08-08 12:05 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 17:13 - 2012-03-03 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loksim3D
2015-01-17 13:31 - 2014-05-28 12:10 - 00000000 ____D () C:\Users\****\.gimp-2.8
2015-01-14 09:28 - 2013-05-15 12:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 09:28 - 2012-03-28 20:41 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 09:28 - 2011-10-16 00:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 21:15 - 2011-11-20 15:08 - 00000602 _____ () C:\Users\****\Desktop\MSI Afterburner.lnk
2015-01-13 19:09 - 2014-05-13 19:26 - 00109624 _____ () C:\Users\RettungsAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-13 19:08 - 2013-07-09 19:27 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 19:04 - 2011-10-15 20:55 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 18:44 - 2014-03-11 18:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-13 18:44 - 2012-05-08 22:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-13 18:44 - 2011-10-17 19:11 - 00000000 ____D () C:\Windows\Minidump
2015-01-10 22:32 - 2011-10-15 20:44 - 00000000 ____D () C:\Users\****\AppData\Roaming\FileZilla
2015-01-10 22:17 - 2014-09-23 19:26 - 00000615 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2015-01-10 22:17 - 2014-09-23 19:26 - 00000615 _____ () C:\ProgramData\Desktop\FileZilla Client.lnk
2015-01-10 22:17 - 2013-06-03 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-10 09:08 - 2011-10-16 00:48 - 00000000 ____D () C:\Program Files (x86)\AIM
2015-01-07 20:40 - 2012-03-13 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-01-02 00:36 - 2012-03-17 18:36 - 00000000 ____D () C:\Users\****\AppData\Roaming\TeamViewer
2014-12-31 20:52 - 2011-10-15 21:36 - 00950622 _____ () C:\Windows\DirectX.log
2014-12-30 17:03 - 2011-10-15 20:57 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======
2013-05-16 09:32 - 2013-07-12 20:48 - 0000000 _____ () C:\Users\****\AppData\Roaming\FileIn.cns
2013-05-16 09:32 - 2013-07-12 20:48 - 0000000 _____ () C:\Users\****\AppData\Roaming\FileOut.cns
2012-04-29 01:05 - 2012-08-28 15:07 - 0000079 _____ () C:\Users\****\AppData\Local\CrystalDiskMark30.ini
2012-02-08 15:57 - 2012-06-13 19:30 - 1348976 _____ () C:\Users\****\AppData\Local\parallels.log
2015-01-07 21:16 - 2015-01-07 21:16 - 0000835 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2011-10-22 13:01 - 2014-05-17 03:09 - 0007663 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg
2013-11-14 20:17 - 2013-11-14 20:17 - 0000040 ___SH () C:\ProgramData\.zreglib
2014-11-08 15:50 - 2014-11-08 15:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\****\AppData\Local\Temp\drm_dyndata_7380007.dll
C:\Users\****\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\MSVBVM60.DLL
C:\Users\****\AppData\Local\Temp\msxml6-KB927977-enu-amd64.exe
C:\Users\****\AppData\Local\Temp\setup.exe
C:\Users\****\AppData\Local\Temp\setup64.exe
C:\Users\****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\****\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 04:36

==================== End Of Log ============================
         


Addition.TXT

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by **** at 2015-01-22 00:34:41
Running from C:\Users\****\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
18 WoS Extreme Trucker 2 (v.1.0) (HKLM-x32\...\18 WoS Extreme Trucker 2) (Version: 1.0 - SCS Software)
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.3 - Futuremark)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABbd406 1.00 (HKLM-x32\...\ABbd406 1.00) (Version: 1.00 - olsystems)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.5105 - Acronis)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.3 - Adobe Systems)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Advanced PDF Password Recovery (HKLM-x32\...\{FDF36223-1144-4309-A5C2-3D5DC40B6C82}) (Version: 5.4.48.423 - Elcomsoft Co. Ltd.)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
AIM 7 (HKLM-x32\...\AIM_7) (Version:  - )
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMIP (remove only) (HKLM-x32\...\AMIP) (Version:  - )
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.15.0 - Asmedia Technology)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.1.2 - ASUSTeK Computer Inc.)
Atmosphere Deluxe v7.1 (HKLM-x32\...\Atmosphere Deluxe_is1) (Version:  - Vectormedia Software)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BDomsb 1.00 (HKLM-x32\...\BDomsb 1.00) (Version: 1.00 - olsystems)
BDwsb 1.00 (HKLM-x32\...\BDwsb 1.00) (Version: 1.00 - olsystems)
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Black & White® 2 Battle of the Gods (HKLM-x32\...\{10631C28-62E5-477C-9B40-40C5EA8219BE}) (Version: 1.00.0000 - Lionhead Studios)
BOINC (HKLM\...\{CFA4E1F2-090A-4335-A60B-98D8EC69E841}) (Version: 7.4.27 - Space Sciences Laboratory, U.C. Berkeley)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Brother HL-3040CN (HKLM-x32\...\{746CA010-936E-4224-A294-913394FD4214}) (Version: 1.00 - Brother)
Brother MFL-Pro Suite DCP-7010 (HKLM-x32\...\{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Bulletstorm (HKLM-x32\...\GFWL_{45410935-3E72-472B-8C35-AB1000008200}) (Version: 1.0.0000.130 - EA)
Bulletstorm (x32 Version: 1.0.0000.130 - EA) Hidden
BulletStorm (x32 Version: 1.0.0005.130 - EA) Hidden
Byu 1.00 (HKLM-x32\...\Byu 1.00) (Version: 1.00 - olsystems)
Cities in Motion (HKLM-x32\...\Steam App 73010) (Version:  - Colossal Order Ltd.)
Cities in Motion 2 (HKLM-x32\...\Steam App 225420) (Version:  - )
Cities XL 2012 (HKLM-x32\...\Cities XL 2012) (Version: 1.0.0 - Focus Home Interactive)
Cities XL 2012 Version 1.0 (HKLM-x32\...\{C01BF16B-6D37-4C45-BAF4-3D0350806411}_is1) (Version: 1.0 - Focus Home Interactive)
Combined Community Codec Pack 2013-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.04.20.0 - CCCP Project)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
CrystalDiskInfo 5.0.3 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.0.3 - Crystal Dew World)
CrystalDiskMark 3.0.2f (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World)
CVE-2012-1889 (HKLM\...\{06b2b7ed-809a-44e6-8538-ca0f5b74ecc4}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{29447369-6968-4e86-a208-603f6f0771a6}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{393ffabe-5a1a-43b3-8e03-8f573e1e0d01}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{7d32ab1f-1858-4373-a75a-b7cd8feb5d92}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{f300e352-12de-4e7f-ace3-a376874402b6}.sdb) (Version:  - )
CVE-2012-4969 (HKLM\...\{777afb2a-98e5-4f14-b455-378a925cae15}.sdb) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DB Donnerbuechsen 1.00 (HKLM-x32\...\DB Donnerbuechsen 1.00) (Version: 1.00 - olsystems)
DB D-ZUG Schlafwagen WLAB4uem 1.00 (HKLM-x32\...\DB D-ZUG Schlafwagen WLAB4uem 1.00) (Version: 1.00 - olsystems)
DBuz 1.00 (HKLM-x32\...\DBuz 1.00) (Version: 1.00 - olsystems)
DBv 1.00 (HKLM-x32\...\DBv 1.00) (Version: 1.00 - olsystems)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Space™ (HKLM-x32\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Die Völker 2 Gold (HKLM-x32\...\Gamedownload Die Völker 2 Gold) (Version: 1.0.0.0 - Gamedownload)
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 1.9.2.0 - DiskInternals Research)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Drakensang (High Texture Pack) (HKLM-x32\...\Drakensang_is1) (Version:  - dtp AG)
Dungeon Siege (HKLM-x32\...\Steam App 39190) (Version:  - Gas Powered Games)
Dungeon Siege 2 (HKLM-x32\...\Steam App 39200) (Version:  - Gas Powered Games)
Dungeon Siege III (HKLM-x32\...\Steam App 39160) (Version:  - Obsidian Entertainment)
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 4.8.1 - CM&V)
DVBViewer TE2 (HKLM-x32\...\DVBViewer TE2_is1) (Version:  - CM&V)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDFab 8.2.1.3 (28/09/2012) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
Dwarfs!? (HKLM-x32\...\Steam App 35480) (Version:  - Power of 2)
Earth 2160 (HKLM-x32\...\Earth 2160) (Version: 1.3.8.0 - Topware Interactive AG)
EF CheckSum Manager (HKLM\...\EF CheckSum Manager) (Version:  - EFSoftware)
Elite Dangerous Launcher version 0.4.1844.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.1844.0 - Frontier Developments)
ElsterFormular (HKLM-x32\...\ElsterFormular 13.2.0.8623p) (Version: 13.2.0.8623p - Landesfinanzdirektion Thüringen)
Empire Earth Gold Edition (HKLM-x32\...\Gamedownload Empire Earth Gold Edition) (Version: 1.0.0.0 - Gamedownload)
Empire Earth II Gold Edition (HKLM-x32\...\Gamedownload Empire Earth II Gold Edition) (Version: 1.0.0.0 - Gamedownload)
Endless Space (HKLM-x32\...\Endless Space_is1) (Version:  - )
Eraser (HKLM-x32\...\Eraser) (Version:  - Heidi Computers Ltd.)
Eraser (x32 Version: 5.86 - Heidi Computers Ltd.) Hidden
e-Saver version 3.1 (HKLM-x32\...\{C97CA73D-E96B-4B42-830E-D0F7BD780FB8}_is1) (Version: 3.1 - AOC)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EveMeepV3 (HKLM-x32\...\{52F7EC17-C7D9-4254-BBC5-404A67844ED1}) (Version: 1.0.2 - Evemeep)
EVEMon (HKLM-x32\...\EVEMon) (Version: 1.8.3.4116 - battleclinic.com)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
Ext2Fsd 0.51 (HKLM\...\Ext2Fsd_is1) (Version: 0.51 - Matt Wu)
FAHClient (HKLM-x32\...\FAHClient) (Version: 7.4.4 - Stanford University)
FileZilla Client 3.10.0 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0 - Tim Kosse)
Folding@home-gpu (HKLM-x32\...\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}) (Version: 6.23 - Folding@home)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
From Dust (HKLM-x32\...\Steam App 33460) (Version:  - Ubisoft Montpellier)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Futuremark SystemInfo (HKLM-x32\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark)
gamelauncher-ps2-psg (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\SOE-Y:/PlanetSide 2) (Version:  - Sony Online Entertainment)
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
German Wagon Pack 1.00 (HKLM-x32\...\German Wagon Pack 1.00) (Version: 1.00 - olsystems)
GIANTS Editor 5.0.1 (HKLM-x32\...\giants_editor_5.0.1_is1) (Version: 5.0.1 - GIANTS Software GmbH)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Guild 2 King's Edition (HKLM-x32\...\{378BA9B5-DB6C-41DB-BE93-86CD198A8A9E}) (Version: 1.0.0 - JoWood)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ICE 1 Redesign 1.00 (HKLM-x32\...\ICE 1 Redesign 1.00) (Version: 1.00 - olsystems)
ICE 2 1.00 (HKLM-x32\...\ICE 2 1.00) (Version: 1.00 - olsystems)
ICE 3M 1.00 (HKLM-x32\...\ICE 3M 1.00) (Version: 1.00 - olsystems)
ICE T 1.00 (HKLM-x32\...\ICE T 1.00) (Version: 1.00 - olsystems)
ICQ 8.2 (build 6901) (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\ICQ) (Version: 8.2.6901.0 - ICQ)
iDeer Blu-ray Player (HKLM-x32\...\iDeer Blu-ray Player) (Version: 1.6.1.1750 - iDeerApp Software Inc.)
IndustrieGigant 2 - Gold Edition (HKLM-x32\...\{6910C412-A523-493C-BC22-0213CD7F4F3A}) (Version: 1.0.0 - JoWooD Productions Software AG)
IndustrieGigant 2 (HKLM-x32\...\{8FA7E81D-6D99-4788-8BE4-D898B346AB2E}) (Version: 1.1.0.0 - JoWooD Productions Software AG)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{B1E50355-2437-40B0-A016-67B7490FC93E}) (Version: 2.10.0.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
KVIrc (HKLM-x32\...\KVIrc) (Version:  - Szymon Stefanek and The KVIrc Development Team)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.2.0.0 - GIANTS Software)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Loksim3D (HKLM\...\Loksim3D_is1) (Version: 2.9.1 - Loksim3D)
Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version:  - Hanako Games)
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version:  - )
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mini Metro (HKLM-x32\...\Steam App 287980) (Version:  - Dinosaur Polo Club)
Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version:  - LucasArts)
Mountain (HKLM-x32\...\Steam App 313340) (Version:  - David OReilly)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 15.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 15.0.1 (x86 de)) (Version: 15.0.1 - Mozilla)
Mozilla Firefox 35.0 (x86 de) (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
MPC-HC 1.6.7.7114 (9eb64ec) (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.7.7114 - MPC-HC Team)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 11 DiscSpeed (HKLM-x32\...\{B8B03F99-F600-4D96-ADBD-2F384240FB9C}) (Version: 11.0.00400 - Nero AG)
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{B3DC5C38-EAE3-4003-B6A7-DEF127E9A9AB}) (Version: 12.0.01100 - Nero AG)
NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software s.r.o.)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Newshosting (HKLM\...\{FE76A200-134E-48EC-8E90-3C124F16BC7F}) (Version: 1.6.1 - Newshosting)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.4 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
ÖBB Railjet 1.00 (HKLM-x32\...\ÖBB Railjet 1.00) (Version: 1.00 - olsystems)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
Parallels runtime modules (x32 Version: 1.00.0000 - Parallels) Hidden
Patch v2.2 (HKLM-x32\...\{74A84478-70A5-4F7A-966C-FA2771FF91A5}_is1) (Version:  - RUNEFORGE Games Studios)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
Patrician IV: Rise of a Dynasty (HKLM-x32\...\Steam App 57730) (Version:  - )
Patrician IV: Steam Special Edition (HKLM-x32\...\Steam App 57620) (Version:  - )
Patrizier 4 - Patch 1.1.1 (HKLM-x32\...\{5C9D5D8C-9245-45B4-B017-0AD03DA2EEAA}_is1) (Version:  - Kalypso Media)
Patrizier 4 (HKLM-x32\...\{25B473C3-2C62-482B-858F-94ED76880F79}) (Version: 1.0.0 - Kalypso Media)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version:  - )
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Pro Train 29 - Schwarzwaldbahn 1972 Deluxe 1.0  (HKLM-x32\...\Pro Train 29 - Schwarzwaldbahn 1972 Deluxe) (Version: 1.0 - Halycon Media)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
ProTrain  BR 106 1.0 (HKLM-x32\...\ProTrain  BR 106 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 13 Hamburg - Westerland 1.0 (HKLM-x32\...\ProTrain 13 Hamburg - Westerland 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 16 Schwarzwaldromantik 1.0 (HKLM-x32\...\ProTrain 16 Schwarzwaldromantik 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 18 Hamburg-Berlin 1.0 (HKLM-x32\...\ProTrain 18 Hamburg-Berlin 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 19 Berlin-Rostock 1.0 (HKLM-x32\...\ProTrain 19 Berlin-Rostock 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 21 Kiel-Flensburg 1.0 (HKLM-x32\...\ProTrain 21 Kiel-Flensburg 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 22 Erfurt - Suhl 1.0 (HKLM-x32\...\ProTrain 22 Erfurt - Suhl 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0 (HKLM-x32\...\ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 26 "Die schwäbische Eisenbahn" 1.0 (HKLM-x32\...\ProTrain 26 "Die schwäbische Eisenbahn" 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 33 Frankfurt-Cottbus 1.0 (HKLM-x32\...\ProTrain 33 Frankfurt-Cottbus 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 36 1.0 (HKLM-x32\...\ProTrain 36 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 7 - Frankfurt-Nürnberg 1.0 (HKLM-x32\...\ProTrain 7 - Frankfurt-Nürnberg 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 7 "Spessartrampe" Update auf Version 1.2 1.2 (HKLM-x32\...\ProTrain 7 "Spessartrampe" Update auf Version 1.2 1.2) (Version: 1.2 - Blue Sky Interactive)
ProTrain 8 - Update auf Version 1.1 1.1 (HKLM-x32\...\ProTrain 8 - Update auf Version 1.1 1.1) (Version: 1.1 - Blue Sky Interactive)
ProTrain Extra 1.0 (HKLM-x32\...\ProTrain Extra 1.0) (Version: 1.0 - )
ProTrain Extra 2 1.0 (HKLM-x32\...\ProTrain Extra 2 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 3 1.0 (HKLM-x32\...\ProTrain Extra 3 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 4 1.0 (HKLM-x32\...\ProTrain Extra 4 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 5 1.0 (HKLM-x32\...\ProTrain Extra 5 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 6 1.0 (HKLM-x32\...\ProTrain Extra 6 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 6 Update 1.01 1.01 (HKLM-x32\...\ProTrain Extra 6 Update 1.01 1.01) (Version: 1.01 - Blue Sky Interactive)
ProTrain Extra 7 1.0 (HKLM-x32\...\ProTrain Extra 7 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 8 1.0 (HKLM-x32\...\ProTrain Extra 8 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 9 1.0 (HKLM-x32\...\ProTrain Extra 9 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Karwendelbahn Aufgabenpaket 1 1.0 (HKLM-x32\...\ProTrain Karwendelbahn Aufgabenpaket 1 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - 3D Schienen - (HKLM-x32\...\{F3ADFC12-6BCB-42B0-A44C-0745F8AD99FA}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Aufgabenpack 1 - (HKLM-x32\...\{3BBAF8F6-D11A-4B20-9E42-80AE7AD6CD72}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Aufgabenpack 2 - (HKLM-x32\...\{EF497532-E79C-4BFA-8D44-3E4125D4B4F7}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Leipzig - Saalfeld  - (HKLM-x32\...\{7DB1D6CD-9CEA-487C-930F-59DDB2B989FB}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Nürnberg - Saalfeld - (HKLM-x32\...\{1FE4482C-E7EC-4A88-B3EE-AC13054E789E}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 (HKLM-x32\...\AuranTS2009_ptp2_is1) (Version:  - Auran)
ProTrain Perfect Addon 3 - Leipzig - Berlin  - (HKLM-x32\...\{2CE81076-F837-40F0-B8C4-4CA8A9B3D2E3}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect Addon 5 - Fulda - Würzburg  - (HKLM-x32\...\{CC82B97C-6937-4170-9F3A-7FF8959D686B}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Vogelfluglinie Activitiepack 1 1.0 (HKLM-x32\...\ProTrain Vogelfluglinie Activitiepack 1 1.0) (Version: 1.0 - Blue Sky Interactive)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
RailTraction Sahlmmps 1.00 (HKLM-x32\...\RailTraction Sahlmmps 1.00) (Version: 1.00 - olsystems)
Railtraction Sdggmrss 1.00 (HKLM-x32\...\Railtraction Sdggmrss 1.00) (Version: 1.00 - olsystems)
Railtraction Uacns 1.00 (HKLM-x32\...\Railtraction Uacns 1.00) (Version: 1.00 - olsystems)
Railworks 3 Train Simulator 2012 Deluxe (HKLM-x32\...\Railworks 3 Train Simulator 2012 Deluxe_is1) (Version:  - )
Railworks Plus Pack Vol.2 1.11 (HKLM-x32\...\Railworks Plus Pack Vol.2 1.11) (Version: 1.11 - olsystems)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer DeathAdder(TM) Mouse (HKLM-x32\...\{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}) (Version: 3.03 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (HKLM-x32\...\RivaTuner) (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
RW0381 Arkbimbz 1.0 (HKLM-x32\...\RW0381 Arkbimbz 1.0) (Version: 1.0 - trainsimblog.tk)
RX-SSTV Version 1.3.1 (HKLM-x32\...\RX-SSTV_is1) (Version:  - ON6MU)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Sins of a Solar Empire - Trinity (HKLM-x32\...\Sins of a Solar Empire - Trinity) (Version: 1.00 - Stardock Entertainment, Inc.)
Sins of a Solar Empire - Trinity (x32 Version: 1.00 - Stardock Entertainment, Inc.) Hidden
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
Staedteexpress 1.00 (HKLM-x32\...\Staedteexpress 1.00) (Version: 1.00 - olsystems)
Star Conflict Launcher 1.0.1.17 (HKLM-x32\...\StarConflictLauncher_is1) (Version:  - )
Star Ruler (HKLM-x32\...\StarRuler) (Version:  - )
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)
Stellar Impact (HKLM-x32\...\Steam App 207150) (Version:  - Tindalos Interactive)
StreamTransport version: 1.1.4.0 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Stronghold 2 (HKLM-x32\...\Steam App 40960) (Version:  - FireFly Studios)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version:  - FireFly Studios)
SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013. (HKLM-x32\...\{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1) (Version: +Recorder.2013.55 - eRightSoft)
SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51 (HKLM-x32\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2012.build.51 - eRightSoft)
SUPER © v2012.build.52 (July 7, 2012) Version v2012.build.52 (HKLM-x32\...\{8F311E2E-C275-4CF0-8154-B63991832668}_is1) (Version: v2012.build.52 - eRightSoft)
SUPER © Version 2008.bld.33 (Sep 2, 2008) (HKLM-x32\...\SUPER ©) (Version: Version 2008.bld.33 (Sep 2, 2008) - eRightSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TechniSat DVB-PC TV Star (HKLM-x32\...\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}) (Version: 4.3.3 - TechniSat)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Softworks)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version:  - LucasArts)
The Settlers: Kingdoms of Anteria (HKLM-x32\...\SKoA) (Version:  - Ubisoft GmbH)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - )
Train Simulator 2015 GE Update 7 1.02 (HKLM-x32\...\Train Simulator 2015 GE Update 7 1.02) (Version: 1.02 - olsystems)
Train Simulator 2015 GE Update 8 1.07 (HKLM-x32\...\Train Simulator 2015 GE Update 8 1.07) (Version: 1.07 - olsystems)
Triebwagen 1.00 (HKLM-x32\...\Triebwagen 1.00) (Version: 1.00 - olsystems)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
TS2015 GE Wagen Upgrade Pack 1.00 (HKLM-x32\...\TS2015 GE Wagen Upgrade Pack 1.00) (Version: 1.00 - olsystems)
TTB Szenario Pack Munich-Augsburg 1.00 (HKLM-x32\...\TTB Szenario Pack Munich-Augsburg 1.00) (Version: 1.00 - olsystems)
TTB Szenario Pack Vol.1 Berlin Wittenberg 1.06 (HKLM-x32\...\TTB Szenario Pack Vol.1 Berlin Wittenberg 1.06) (Version: 1.06 - olsystems)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Viscera Cleanup Detail - ALPHA (HKLM\...\UDK-ff8f3672-fcac-403e-ad9b-9b9585a6dcdf) (Version:  - RuneStorm)
Vizzart BR112 1.00 (HKLM-x32\...\Vizzart BR112 1.00) (Version: 1.00 - olsystems)
Vizzart BR112 Update 1.1 1.00 (HKLM-x32\...\Vizzart BR112 Update 1.1 1.00) (Version: 1.00 - olsystems)
Vizzart BR429 1.00 (HKLM-x32\...\Vizzart BR429 1.00) (Version: 1.00 - olsystems)
Vizzart IC Steuerwagen Rot 1.00 (HKLM-x32\...\Vizzart IC Steuerwagen Rot 1.00) (Version: 1.00 - olsystems)
Vizzart IC Steuerwagen Weiß 1.00 (HKLM-x32\...\Vizzart IC Steuerwagen Weiß 1.00) (Version: 1.00 - olsystems)
Vizzart Metropolitan 1.00 (HKLM-x32\...\Vizzart Metropolitan 1.00) (Version: 1.00 - olsystems)
Vizzart Regioshuttle 1.00 (HKLM-x32\...\Vizzart Regioshuttle 1.00) (Version: 1.00 - olsystems)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VR DB IC Wagen 1.00 (HKLM-x32\...\VR DB IC Wagen 1.00) (Version: 1.00 - olsystems)
VR DB Reisezugwagen Epoche III IV 1.00 (HKLM-x32\...\VR DB Reisezugwagen Epoche III IV 1.00) (Version: 1.00 - olsystems)
VR DB Schnellzugwagen Epoche 4 1.00 (HKLM-x32\...\VR DB Schnellzugwagen Epoche 4 1.00) (Version: 1.00 - olsystems)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - )
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WebTemp 3.38-pre12 (kostenlose Version) (HKLM-x32\...\WebTemp_is1) (Version:  - hxxp://www.webtemp.org)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Support Tools (HKLM-x32\...\{F07F0BCD-5C6D-4499-9F05-6ED747078A72}) (Version: 5.2.3790.3959 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinHTTrack Website Copier 3.45-4 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.45.4 - HTTrack)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinRK 3.1.2 (win64) (HKLM\...\WinRK) (Version: 3.1.2 (win64) - M Software Ltd.)
WinUAE 2.5.1 (HKLM-x32\...\WinUAE) (Version: 2.5.1 - Arabuusimiehet)
World of Tanks v.0.7.1 (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version:  - Wargaming.net)
X Rebirth (HKLM-x32\...\Steam App 2870) (Version:  - Egosoft)
X3 Albion Prelude Bonuspaket 5.1.0.0 (HKLM-x32\...\X3AP Bonus Pack_is1) (Version: 5.1.0.0 - Egosoft)
X3 Terran Conflict v3.2 (HKLM-x32\...\X3TerranConflict_is1) (Version:  - EGOSOFT)
X3: Albion Prelude (HKLM-x32\...\Steam App 201310) (Version:  - Egosoft)
X3: Terran Conflict (HKLM-x32\...\Steam App 2820) (Version:  - Egosoft)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - )
YDKJ Collection (HKLM-x32\...\{ED28CD78-02BC-4014-A548-EFFB9A0673D0}) (Version: 1.00.0000 - DocStrange)
YOU DON'T KNOW JACK Vol. 1 XL (HKLM-x32\...\Steam App 252730) (Version:  - )
YOU DON'T KNOW JACK Vol. 2 (HKLM-x32\...\Steam App 259940) (Version:  - )
YOU DON'T KNOW JACK Vol. 3 (HKLM-x32\...\Steam App 259960) (Version:  - )
YOU DON'T KNOW JACK Vol. 4 The Ride (HKLM-x32\...\Steam App 259980) (Version:  - )
Zusi 3.0.4 (Demo) (HKLM-x32\...\www.zusi.de/zusi3/demo_is1) (Version: 3 - Carsten Hölscher)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-08-13 18:06 - 00002435 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B6DBE0C-0C37-4048-9E14-8E214F10DE4E} - System32\Tasks\{C7C62EEA-1CB9-411B-ADC0-921FCA507EEE} => pcalua.exe -a G:\BittorrendFiles\msicuu2.exe -d E:\Firefox
Task: {20DA0CDD-1477-4D22-A1CA-F400F5C4B363} - System32\Tasks\TELE 5 22-01-2015 22-08-00 WWE RAW => X:\DVBViewer\Scheduler.exe [2008-02-02] ()
Task: {341C3792-B8D0-45A7-AFE1-9A75A0128354} - System32\Tasks\Norton WSC Integration => X:\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {43570AE7-2E85-4658-8CE0-DD61748CC9EB} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => X:\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {49B229FD-4F3B-4D81-872D-1AB9D360F630} - System32\Tasks\{4D97262F-6D65-4D64-9BCA-97289E538BAD} => G:\BittorrendFiles\SHEEP\SHEEP.EXE
Task: {4C281622-3D3C-42F0-987B-B19188BCDBA8} - System32\Tasks\Norton AntiVirus\Norton Error Processor => X:\Norton AntiVirus\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {4CF66300-B9BD-4808-915E-43071A8B528E} - System32\Tasks\{9BB6A573-4E88-49C6-A9FB-BE35DB3F951C} => G:\BittorrendFiles\SHEEP\SHEEP.EXE
Task: {51F3FD09-7DF6-41F7-9024-A73959C1B513} - System32\Tasks\{1231FFA1-CB67-47EA-8000-A21AA189AFDD} => G:\BittorrendFiles\SHEEP\SHEEP.EXE
Task: {7BB1F6D4-07A3-4897-85FF-CE15885A7413} - System32\Tasks\{E21B8BCF-827E-4096-AEF0-F378883AFFF5} => pcalua.exe -a "Y:\Steam_Games_Y\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "Y:\Steam_Games_Y\steamapps\common\Left 4 Dead 2" -c /register
Task: {8BE3E5E1-5341-48C7-B600-D451346BC35F} - System32\Tasks\regedit => regedit.exe 
Task: {B23AB2E8-529B-471F-AEBB-260D0DC7FBA5} - System32\Tasks\TELE 5 22-01-2015 22-10-00 WWE RAW => X:\DVBViewer\Scheduler.exe [2008-02-02] ()
Task: {B35A5A97-8760-42C1-A37D-0D110F519B2A} - System32\Tasks\{B705B4F3-F33C-41B9-B508-7170C8E84614} => pcalua.exe -a "Z:\Die Siedler Königreiche von Anteria\SKoA\SKoA.exe" -c --uninstall
Task: {C39387F7-1DB9-4A45-8B62-D0C143A149C4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {C87C40F1-4412-49AA-B0AF-8937D89C264C} - System32\Tasks\{E1D2A0A9-2C2D-468E-B3CF-FE1A0634F49F} => pcalua.exe -a "C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe"
Task: {E9DBD043-E827-434F-BDA8-6DED42DCC71F} - System32\Tasks\{25D2C6D6-A585-49D3-A603-8202CF479F51} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1618
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\TELE 5 22-01-2015 22-08-00 WWE RAW.job => X:\DVBViewer\Scheduler.exe
Task: C:\Windows\Tasks\TELE 5 22-01-2015 22-10-00 WWE RAW.job => X:\DVBViewer\Scheduler.exe

==================== Loaded Modules (whitelisted) =============

2012-09-08 14:18 - 2011-03-21 15:19 - 00053248 _____ () X:\NetLimiter 3\nlsvcPS.dll
2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () X:\FileZilla\fzshellext_64.dll
2012-09-08 14:22 - 2011-05-28 21:05 - 00164864 _____ () X:\WinRAR\rarext.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () E:\Unlocker\UnlockerCOM.dll
2012-09-08 14:18 - 2011-03-21 10:06 - 00248320 _____ () X:\Razer\DeathAdder\razerhid.exe
2012-09-08 14:17 - 2008-02-02 17:11 - 00228352 _____ () X:\DVBViewer\Scheduler.exe
2012-09-08 14:18 - 2010-04-27 13:41 - 00218112 _____ () X:\Razer\DeathAdder\razertra.exe
2012-09-08 14:18 - 2011-04-14 10:48 - 01758208 _____ () X:\Razer\DeathAdder\vdDaemon.exe
2014-07-30 10:38 - 2014-07-30 10:38 - 00121363 _____ () X:\VideoLAN\VLC\libvlc.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 02524691 _____ () X:\VideoLAN\VLC\libvlccore.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00713235 _____ () X:\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00031251 _____ () X:\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00034323 _____ () X:\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 12501523 _____ () X:\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 01470995 _____ () X:\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00070163 _____ () X:\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 02376211 _____ () X:\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00106515 _____ () X:\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00263699 _____ () X:\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00080915 _____ () X:\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00051219 _____ () X:\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00063507 _____ () X:\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00608275 _____ () X:\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 01022995 _____ () X:\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00125459 _____ () X:\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00043539 _____ () X:\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017427 _____ () X:\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00140307 _____ () X:\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 02218003 _____ () X:\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00318995 _____ () X:\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00058387 _____ () X:\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00043027 _____ () X:\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00091667 _____ () X:\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00341011 _____ () X:\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00021523 _____ () X:\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 01505811 _____ () X:\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00330771 _____ () X:\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00417811 _____ () X:\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00230931 _____ () X:\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00029715 _____ () X:\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00019475 _____ () X:\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 01745427 _____ () X:\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00192019 _____ () X:\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00025619 _____ () X:\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00833555 _____ () X:\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00022035 _____ () X:\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00031763 _____ () X:\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00218643 _____ () X:\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 11244051 _____ () X:\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00857107 _____ () X:\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00040467 _____ () X:\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00028179 _____ () X:\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00701459 _____ () X:\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017427 _____ () X:\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00139795 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00186387 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00081939 _____ () X:\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 01506835 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00025619 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00016915 _____ () X:\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017939 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017939 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00121875 _____ () X:\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017427 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00032787 _____ () X:\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00018963 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00024083 _____ () X:\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00029715 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00057363 _____ () X:\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00019475 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00038419 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00024083 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00027667 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00018451 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00018451 _____ () X:\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017427 _____ () X:\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00057875 _____ () X:\VideoLAN\VLC\plugins\video_output\libdirect2d_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00274963 _____ () X:\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 01739283 _____ () X:\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2014-12-06 08:03 - 2014-12-06 08:03 - 00565760 _____ () E:\MSI Afterburner\MSIAfterburner.exe
2015-01-21 20:10 - 2014-06-26 07:44 - 00358144 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2015-01-21 20:40 - 2014-07-11 13:21 - 04623096 _____ () G:\BittorrendFiles\PandaCloudCleaner\PCloudCleaner.exe
2012-05-30 18:11 - 2012-05-30 18:11 - 00176128 _____ () C:\Program Files (x86)\AIM\nssckbi.dll
2014-01-01 14:56 - 2014-01-01 14:56 - 00857944 _____ () C:\Users\****\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2008-08-02 21:14 - 2008-03-14 23:52 - 00012288 _____ () E:\mIRC1\script\dlls\dmu.dll
2008-08-02 21:14 - 2008-03-14 23:52 - 00018944 _____ () E:\mIRC1\script\dlls\mdock61.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 02396672 _____ () Z:\Steam\libavcodec-56.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00442880 _____ () Z:\Steam\libavutil-54.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00479744 _____ () Z:\Steam\libavformat-56.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00332800 _____ () Z:\Steam\libavresample-2.dll
2014-05-25 21:51 - 2014-11-11 19:47 - 00774656 _____ () Z:\Steam\SDL2.dll
2015-01-19 23:32 - 2014-12-02 01:29 - 05002752 _____ () Z:\Steam\v8.dll
2015-01-19 23:32 - 2014-12-02 01:29 - 01612800 _____ () Z:\Steam\icui18n.dll
2015-01-19 23:32 - 2014-12-02 01:29 - 01210368 _____ () Z:\Steam\icuuc.dll
2014-05-25 21:51 - 2015-01-19 19:49 - 02227904 _____ () Z:\Steam\video.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00485888 _____ () Z:\Steam\libswscale-3.dll
2014-05-25 21:53 - 2015-01-19 19:49 - 00696000 _____ () Z:\Steam\bin\chromehtml.DLL
2014-05-25 21:53 - 2015-01-16 00:42 - 34641288 _____ () Z:\Steam\bin\libcef.dll
2014-08-14 18:48 - 2015-01-16 00:42 - 01709960 _____ () Z:\Steam\bin\ffmpegsumo.dll
2015-01-13 20:56 - 2015-01-13 20:56 - 03925104 _____ () E:\Firefox\mozjs.dll
2015-01-14 09:28 - 2015-01-14 09:28 - 16844464 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00071680 _____ () E:\MSI Afterburner\RTMUI.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00056832 _____ () E:\MSI Afterburner\RTFC.dll
2014-12-06 08:02 - 2014-12-06 08:02 - 00217600 _____ () E:\MSI Afterburner\RTCore.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00353792 _____ () E:\MSI Afterburner\RTUI.dll
2014-12-06 08:02 - 2014-12-06 08:02 - 00649216 _____ () E:\MSI Afterburner\RTHAL.dll
2015-01-21 20:40 - 2014-02-11 12:36 - 00221480 _____ () G:\BittorrendFiles\PandaCloudCleaner\PRSBLib.dll
2015-01-21 20:40 - 2013-07-24 18:33 - 00930784 _____ () G:\BittorrendFiles\PandaCloudCleaner\libxml2.dll
2015-01-21 20:40 - 2010-03-30 22:29 - 00279955 _____ () G:\BittorrendFiles\PandaCloudCleaner\libidn-11.dll
2015-01-21 20:40 - 2013-06-22 19:23 - 00113166 _____ () G:\BittorrendFiles\PandaCloudCleaner\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3438649541-831985882-319497044-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3438649541-831985882-319497044-501 - Limited - Enabled)
**** (S-1-5-21-3438649541-831985882-319497044-1000 - Administrator - Enabled) => C:\Users\****
HomeGroupUser$ (S-1-5-21-3438649541-831985882-319497044-1006 - Limited - Enabled)
Netzwerkgast (S-1-5-21-3438649541-831985882-319497044-1007 - Limited - Disabled)
RettungsAdmin (S-1-5-21-3438649541-831985882-319497044-1008 - Administrator - Enabled) => C:\Users\RettungsAdmin

==================== Faulty Device Manager Devices =============

Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Parallels Networking Driver
Description: Parallels Networking Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: prl_net
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2015 05:44:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2015 05:42:16 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/21/2015 00:10:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x24ec
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/20/2015 00:29:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x181c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/19/2015 11:37:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x3794
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/19/2015 11:21:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x2910
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/18/2015 08:56:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x218c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/18/2015 08:27:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x27dc
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/18/2015 09:06:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dvbviewer.exe, Version: 4.8.1.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: VSFilter.dll, Version: 3.0.0.217, Zeitstempel: 0x5165c9cb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000307d0
ID des fehlerhaften Prozesses: 0x1344
Startzeit der fehlerhaften Anwendung: 0xdvbviewer.exe0
Pfad der fehlerhaften Anwendung: dvbviewer.exe1
Pfad des fehlerhaften Moduls: dvbviewer.exe2
Berichtskennung: dvbviewer.exe3

Error: (01/18/2015 02:57:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x2a78
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3


System errors:
=============
Error: (01/21/2015 11:11:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\System32\DRIVERS\PSKMAD.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/21/2015 09:57:33 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\System32\DRIVERS\PSKMAD.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/21/2015 05:50:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ACP User Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/21/2015 05:42:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ArcCtrl

Error: (01/21/2015 05:42:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/21/2015 05:42:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallels Networking Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/21/2015 05:05:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (01/21/2015 05:05:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/19/2015 11:32:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (01/21/2015 05:44:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2015 05:42:16 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/21/2015 00:10:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d24ec01d034ff38711a35X:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll8608edd0-a0f9-11e4-8576-b4e0fe89ce63

Error: (01/20/2015 00:29:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d181c01d0343ea39eeeb6X:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll05a46528-a033-11e4-8576-b4e0fe89ce63

Error: (01/19/2015 11:37:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d379401d034349569bc9fX:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dllaee88a94-a02b-11e4-8576-b4e0fe89ce63

Error: (01/19/2015 11:21:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d291001d033612898f94fX:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dllfa1f29b4-9fc4-11e4-8576-b4e0fe89ce63

Error: (01/18/2015 08:56:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d218c01d03355315f7efbX:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll091128e8-9f4c-11e4-8576-b4e0fe89ce63

Error: (01/18/2015 08:27:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d27dc01d0332922780072X:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll07e6eef2-9f48-11e4-8576-b4e0fe89ce63

Error: (01/18/2015 09:06:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: dvbviewer.exe4.8.1.02a425e19VSFilter.dll3.0.0.2175165c9cbc0000005000307d0134401d0327913c621faX:\DVBViewer\dvbviewer.exeX:\Combined Community Codec Pack\Filters\VSFilter.dllf1584e17-9ee8-11e4-8576-b4e0fe89ce63

Error: (01/18/2015 02:57:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d2a7801d0329672971ac8X:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll6ad95f9e-9eb5-11e4-8576-b4e0fe89ce63


CodeIntegrity Errors:
===================================
  Date: 2014-11-08 22:33:11.184
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-08 22:33:11.153
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.685
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.629
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.441
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.384
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.202
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.149
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:16.874
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:16.820
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 30%
Total physical RAM: 16332.44 MB
Available physical RAM: 11417.43 MB
Total Pagefile: 20426.63 MB
Available Pagefile: 14893.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:168.98 GB) NTFS
Drive d: (TempDaten) (Fixed) (Total:60 GB) (Free:48.2 GB) NTFS
Drive e: (GAMES) (Fixed) (Total:100.01 GB) (Free:19.78 GB) NTFS
Drive f: (DATEN) (Fixed) (Total:100.01 GB) (Free:31.86 GB) NTFS
Drive g: (INTERNET) (Fixed) (Total:100.01 GB) (Free:13.94 GB) NTFS
Drive m: (Media) (Fixed) (Total:863.01 GB) (Free:94.12 GB) NTFS
Drive v: (Sicherung_VMs) (Fixed) (Total:863.01 GB) (Free:633.31 GB) NTFS
Drive w: (BACKUP) (Fixed) (Total:105.74 GB) (Free:61.35 GB) NTFS
Drive x: (Programme) (Fixed) (Total:55.9 GB) (Free:28.98 GB) NTFS
Drive y: (Image) (Fixed) (Total:1000 GB) (Free:502.38 GB) NTFS
Drive z: (Netzwerk) (Fixed) (Total:1000 GB) (Free:527.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 4815C47A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 863DB41E)
Partition 1: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=305.7 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 14563881)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BF2A384C)
Partition 1: (Not Active) - (Size=1000 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2F865633)
Partition 1: (Not Active) - (Size=1000 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=863 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

A small addendum, since it's no longer that important: I've just restored the system from an external backup to its state from the day before yesterday, and now this conhost.exe no longer appears either.

Thanks anyway for the help; could you perhaps still look through it again to see whether I had overlooked anything before?

Thanks and best regards

Edited by fump (22.01.2015 at 00:26)

22.01.2015, 13:35   #4
fump

Virus removed, requesting analysis of whether the computer is now clean



I ran another FRST scan, because I was still getting this message from EIST about the FF profile and JS/SecurityDisabler.A.Gen.

Could you please take another look at it?


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by **** (administrator) on SEBASTIAN on 22-01-2015 14:28:13
Running from C:\Users\****\Desktop
Loaded Profiles: **** (Available profiles: **** & RettungsAdmin & Administrator)
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe
(Locktime Software) X:\NetLimiter 3\nlsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Locktime Software) X:\NetLimiter 3\NLClientApp.exe
(AOL Inc.) C:\Program Files (x86)\AIM\aim.exe
(ICQ) C:\Users\****\AppData\Roaming\ICQM\icq.exe
(Skype Technologies S.A.) E:\Skype\Phone\Skype.exe
() X:\Razer\DeathAdder\razerhid.exe
() X:\DVBViewer\Scheduler.exe
(Acronis) X:\Acronis\TrueImageHome\TrueImageMonitor.exe
(BitTorrent Inc.) X:\uTorrent\uTorrent.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() X:\Razer\DeathAdder\razertra.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) Z:\Steam\Steam.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() E:\MSI Afterburner\MSIAfterburner.exe
(Razer Inc.) X:\Razer\DeathAdder\razerofa.exe
() X:\Razer\DeathAdder\vdDaemon.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_257_ActiveX.exe
(Microsoft Corporation) X:\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) X:\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(CM&V Hackbart) X:\DVBViewer\dvbviewer.exe
(Adobe Systems Inc.) X:\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) E:\Firefox\firefox.exe
(Mozilla Corporation) E:\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
(mIRC Co. Ltd.) E:\mIRC1\mirc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391296 2010-08-21] (Acronis)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DeathAdder] => X:\Razer\DeathAdder\razerhid.exe [248320 2011-03-21] ()
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695984 2011-03-25] (brother)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => X:\Acronis\TrueImageHome\TrueImageMonitor.exe [5493736 2010-08-21] (Acronis)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [NetLimiter] => X:\NetLimiter 3\NLClientApp.exe [2910208 2011-03-21] (Locktime Software)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [Aim] => C:\Program Files (x86)\AIM\aim.exe [4331392 2012-05-30] (AOL Inc.)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [ICQ] => C:\Users\****\AppData\Roaming\ICQM\icq.exe [33664344 2014-01-01] (ICQ)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [Skype] => E:\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\MountPoints2: {67746dc0-f776-11e0-8f00-806e6f6e6963} - I:\autorun.exe
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\MountPoints2: {da2275a3-f75f-11e0-861d-806e6f6e6963} - H:\auto.exe
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk
ShortcutTarget: Microsoft Office Outlook 2003.lnk -> C:\Windows\Installer\{90110407-6000-11D3-8CFE-0150048383C9}\outicon.exe ()
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Scheduler.exe - Verknüpfung.lnk
ShortcutTarget: Scheduler.exe - Verknüpfung.lnk -> X:\DVBViewer\Scheduler.exe ()
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\utorrent.lnk
ShortcutTarget: utorrent.lnk -> X:\uTorrent\uTorrent.exe (BitTorrent Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3438649541-831985882-319497044-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3438649541-831985882-319497044-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> X:\Java\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> X:\Java\bin\jp2ssv.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{5221C4C4-43C0-4140-BAA3-DCABF2A416D1}: [NameServer] 192.168.0.250

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> X:\Java\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> X:\Java\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Acrobat -> X:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> X:\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3438649541-831985882-319497044-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3438649541-831985882-319497044-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\searchplugins\blasc.xml
FF SearchPlugin: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\searchplugins\rollyo-1-63680.xml
FF Extension: Move Media Player - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\moveplayer@movenetworks.com [2015-01-22]
FF Extension: DownloadHelper - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-01-22]
FF Extension: CanvasBlocker - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\CanvasBlocker@kkapsner.de.xpi [2014-12-06]
FF Extension: Classic Theme Restorer - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-04-29]
FF Extension: Ghostery - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\firefox@ghostery.com.xpi [2013-08-21]
FF Extension: NoScript - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-10-04]
FF Extension: Modify Headers - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2014-07-16]
FF Extension: Adblock Plus - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-04]
FF Extension: Greasemonkey - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\jaqy80h6.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-07-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - X:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - X:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-09-08]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-04]
FF StartMenuInternet: FIREFOX.EXE - E:\Firefox\firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-08] (Adobe Systems) [File not signed]
S2 amdacpusrsvc; C:\AMD\amdacpusrsvc.exe [112640 2014-08-11] () [File not signed]
S3 DAUpdaterSvc; Y:\Steam_Games_Y\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-03-29] (BioWare)
S3 Futuremark SystemInfo Service; X:\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (Futuremark)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
R2 nlsvc; X:\NetLimiter 3\nlsvc.exe [1845248 2011-03-21] (Locktime Software) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4868640 2013-08-25] (INCA Internet Co., Ltd.)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-07] ()
S2 SkypeUpdate; E:\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
R3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2014-10-15] (Microsoft Corporation) [File not signed]
(StarWind Software) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [293088 2014-09-15] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
S3 CrystalSysInfo; G:\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys [10240 2005-09-19] () [File not signed]
R3 DAdderFltr; C:\Windows\System32\drivers\dadder.sys [12032 2010-04-19] (Razer (Asia-Pacific) Pte Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R2 ei2c; C:\Windows\system32\drivers\ei2c.sys [20784 2013-08-08] (Nicomsoft Ltd.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
S3 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [769816 2011-07-09] (www.ext2fsd.com)
S3 GPUZ; C:\Windows\TEMP\GPUZ.sys [27008 2014-08-01] ()
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\IPSDefs\20150121.001\IDSvia64.sys [668888 2015-01-21] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\VirusDefs\20150121.009\ENG64.SYS [129752 2014-11-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\VirusDefs\20150121.009\EX64.SYS [2137304 2014-11-15] (Symantec Corporation)
R1 nltdi; X:\NetLimiter 3\nltdi.sys [88200 2011-03-21] (Locktime Software)
S3 RivaTuner64; X:\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2012-01-29] ()
R3 RTCore64; E:\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 SKYNET; C:\Windows\System32\DRIVERS\SkyNET_AMD64.SYS [617048 2010-05-10] (TechniSat Digital, S.A.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-10-15] () [File not signed]
R1 SRTSP; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-01-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
S3 tbwkern; C:\Windows\System32\DRIVERS\tbwkern.sys [32848 2011-06-13] () [File not signed]
U5 UnlockerDriver5; E:\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation)
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2014-08-13] (Microsoft Corporation)
U3 a3ya5law; C:\Windows\System32\Drivers\a3ya5law.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S2 ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys [X]
U2 ccEvtMgr; No ImagePath
U2 ccSetMgr; No ImagePath
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\E:\PC Wizard 2013\pcwiz_x64.sys [X]
U3 navapsvc; No ImagePath
S3 PRLVNIC; system32\DRIVERS\prl_vnic.sys [X]
S2 prl_net; system32\DRIVERS\prl_net.sys [X]
U3 SAVRT; No ImagePath
U1 SAVRTPEL; No ImagePath
U3 TlntSvr; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-22 14:28 - 2015-01-22 14:28 - 00021943 _____ () C:\Users\****\Desktop\FRST.txt
2015-01-22 14:28 - 2015-01-22 14:28 - 00000000 ____D () C:\FRST
2015-01-22 14:27 - 2015-01-22 14:26 - 02126848 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2015-01-22 13:36 - 2015-01-22 13:42 - 00000000 ____D () C:\Users\****\AppData\Local\Mozilla
2015-01-22 13:32 - 2015-01-22 13:34 - 00000000 ____D () C:\Users\****\AppData\Roaming\Mozilla
2015-01-22 10:54 - 2015-01-22 10:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-22 10:53 - 2015-01-22 10:53 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-22 03:46 - 2015-01-22 03:47 - 00000250 _____ () C:\Windows\Tasks\TELE 5 22-01-2015 22-08-00 WWE RAW.job
2015-01-22 03:46 - 2015-01-22 03:47 - 00000250 _____ () C:\Windows\Tasks\TELE 5 22-01-2015 22-06-00 WWE RAW.job
2015-01-22 03:46 - 2015-01-22 03:46 - 00002864 _____ () C:\Windows\System32\Tasks\TELE 5 22-01-2015 22-08-00 WWE RAW
2015-01-22 03:46 - 2015-01-22 03:46 - 00002864 _____ () C:\Windows\System32\Tasks\TELE 5 22-01-2015 22-06-00 WWE RAW
2015-01-22 03:05 - 2015-01-22 03:05 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2015-01-22 03:00 - 2015-01-22 13:34 - 00000000 ____D () C:\Program Files (x86)\Norton Identity Safe
2015-01-22 03:00 - 2015-01-22 03:00 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-01-22 03:00 - 2015-01-22 03:00 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-01-22 03:00 - 2015-01-22 03:00 - 00002469 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2015-01-22 03:00 - 2015-01-22 03:00 - 00002469 _____ () C:\ProgramData\Desktop\Norton AntiVirus.lnk
2015-01-22 02:59 - 2015-01-22 03:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2015-01-22 02:59 - 2015-01-22 02:59 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2015-01-22 02:45 - 2015-01-22 02:45 - 00000000 ____D () C:\Users\****\AppData\Local\updates
2015-01-22 02:45 - 2015-01-22 02:45 - 00000000 ____D () C:\Users\****\AppData\Local\Firefox
2015-01-22 02:24 - 2015-01-22 02:24 - 00000000 ____D () C:\Users\RettungsAdmin\AppData\Roaming\Acronis
2015-01-13 19:04 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 19:04 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 19:04 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 19:04 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 19:04 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 19:04 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 19:04 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 19:04 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 19:04 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 19:04 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 19:04 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 19:04 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 19:04 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 19:04 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-13 19:04 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-13 18:44 - 2015-01-13 18:44 - 00289914 ____N () C:\Windows\Minidump\011315-24086-01.dmp
2015-01-13 17:37 - 2014-11-03 20:37 - 00797456 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2015-01-13 17:37 - 2014-11-03 20:37 - 00387344 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2015-01-13 01:37 - 2015-01-13 01:37 - 00000000 ____D () C:\Users\****\AppData\Roaming\RenPy
2015-01-11 00:52 - 2015-01-11 00:52 - 00000000 ____D () C:\Users\****\AppData\Roaming\Frontier Developments
2015-01-11 00:52 - 2015-01-11 00:52 - 00000000 ____D () C:\Users\****\AppData\Local\Frontier Developments
2015-01-10 22:17 - 2015-01-10 22:17 - 06388344 _____ (Tim Kosse) C:\Users\****\Downloads\FileZilla_3.10.0_win32-setup.exe
2015-01-10 14:41 - 2015-01-10 14:41 - 00000000 ____D () C:\Users\****\AppData\Local\Frontier_Developments
2015-01-10 14:40 - 2015-01-10 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elite Dangerous
2015-01-07 21:16 - 2015-01-07 21:16 - 00000835 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2015-01-07 21:15 - 2015-01-07 21:15 - 00000000 ____D () C:\Users\****\AppData\Local\gtk-2.0
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\RettungsAdmin\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\****\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\Administrator\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-01-03 14:16 - 2015-01-13 18:51 - 00001275 _____ () C:\Users\****\Desktop\NAS 540.lnk
2014-12-30 17:03 - 2014-12-30 17:03 - 00000000 ____D () C:\Program Files (x86)\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-22 14:28 - 2013-05-15 12:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-22 14:28 - 2011-10-15 22:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Skype
2015-01-22 13:49 - 2009-07-14 05:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-22 13:49 - 2009-07-14 05:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-22 13:34 - 2011-10-15 20:16 - 00000000 ____D () C:\ProgramData\Norton
2015-01-22 12:49 - 2011-10-16 00:48 - 00000000 ____D () C:\Program Files (x86)\AIM
2015-01-22 10:55 - 2010-11-21 07:22 - 00703012 _____ () C:\Windows\system32\perfh007.dat
2015-01-22 10:55 - 2010-11-21 07:22 - 00150952 _____ () C:\Windows\system32\perfc007.dat
2015-01-22 10:55 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-22 10:53 - 2014-11-09 18:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-22 07:00 - 2012-11-20 15:35 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2015-01-22 03:50 - 2011-10-15 20:07 - 01805743 _____ () C:\Windows\WindowsUpdate.log
2015-01-22 03:47 - 2014-08-12 17:14 - 00014991 _____ () C:\Windows\setupact.log
2015-01-22 03:47 - 2011-10-16 01:24 - 00000105 _____ () C:\Windows\Brownie.ini
2015-01-22 03:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-22 03:46 - 2014-07-22 14:38 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-01-22 03:00 - 2011-10-15 20:16 - 00003218 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-01-22 03:00 - 2011-10-15 20:16 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-01-22 02:59 - 2010-11-21 04:47 - 107288440 _____ () C:\Windows\PFRO.log
2015-01-18 20:56 - 2012-11-22 07:20 - 00000000 ____D () C:\Users\****\AppData\Local\CrashDumps
2015-01-18 20:56 - 2011-10-17 19:15 - 00000000 ____D () C:\Users\****\AppData\Roaming\vlc
2015-01-18 04:22 - 2013-01-01 14:21 - 00000000 ____D () C:\Users\****\AppData\Roaming\ICQM
2015-01-17 22:03 - 2011-10-16 01:25 - 00000432 _____ () C:\Windows\BRWMARK.INI
2015-01-17 17:40 - 2012-01-29 18:47 - 00000000 ____D () C:\Users\****\.VirtualBox
2015-01-17 17:32 - 2014-12-10 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-01-17 17:24 - 2011-10-16 01:50 - 00000000 ____D () C:\Users\****\Desktop\Tools
2015-01-17 17:15 - 2012-10-29 23:12 - 00000000 ____D () C:\Users\****\AppData\Local\Loksim3D
2015-01-17 17:13 - 2014-11-27 19:04 - 00000549 _____ () C:\Users\Public\Desktop\Loksim3D.lnk
2015-01-17 17:13 - 2014-11-27 19:04 - 00000549 _____ () C:\ProgramData\Desktop\Loksim3D.lnk
2015-01-17 17:13 - 2013-08-08 12:05 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 17:13 - 2012-03-03 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loksim3D
2015-01-17 13:31 - 2014-05-28 12:10 - 00000000 ____D () C:\Users\****\.gimp-2.8
2015-01-15 10:44 - 2011-10-19 17:38 - 00000000 ____D () C:\Users\****\AppData\Local\Eraser
2015-01-14 09:28 - 2013-05-15 12:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 09:28 - 2012-03-28 20:41 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 09:28 - 2011-10-16 00:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 21:15 - 2011-11-20 15:08 - 00000602 _____ () C:\Users\****\Desktop\MSI Afterburner.lnk
2015-01-13 19:09 - 2014-05-13 19:26 - 00109624 _____ () C:\Users\RettungsAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-13 19:08 - 2013-07-09 19:27 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 19:04 - 2011-10-15 20:55 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 18:44 - 2014-03-11 18:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-13 18:44 - 2012-05-08 22:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-13 18:44 - 2011-10-17 19:11 - 00000000 ____D () C:\Windows\Minidump
2015-01-10 22:32 - 2011-10-15 20:44 - 00000000 ____D () C:\Users\****\AppData\Roaming\FileZilla
2015-01-10 22:17 - 2014-09-23 19:26 - 00000615 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2015-01-10 22:17 - 2014-09-23 19:26 - 00000615 _____ () C:\ProgramData\Desktop\FileZilla Client.lnk
2015-01-10 22:17 - 2013-06-03 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-07 20:40 - 2012-03-13 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-01-02 00:36 - 2012-03-17 18:36 - 00000000 ____D () C:\Users\****\AppData\Roaming\TeamViewer
2014-12-31 20:52 - 2011-10-15 21:36 - 00950622 _____ () C:\Windows\DirectX.log
2014-12-30 17:03 - 2011-10-15 20:57 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======
2013-05-16 09:32 - 2013-07-12 20:48 - 0000000 _____ () C:\Users\****\AppData\Roaming\FileIn.cns
2013-05-16 09:32 - 2013-07-12 20:48 - 0000000 _____ () C:\Users\****\AppData\Roaming\FileOut.cns
2012-04-29 01:05 - 2012-08-28 15:07 - 0000079 _____ () C:\Users\****\AppData\Local\CrystalDiskMark30.ini
2012-02-08 15:57 - 2012-06-13 19:30 - 1348976 _____ () C:\Users\****\AppData\Local\parallels.log
2015-01-07 21:16 - 2015-01-07 21:16 - 0000835 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2011-10-22 13:01 - 2014-05-17 03:09 - 0007663 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg
2013-11-14 20:17 - 2013-11-14 20:17 - 0000040 ___SH () C:\ProgramData\.zreglib
2014-11-08 15:50 - 2014-11-08 15:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\****\AppData\Local\Temp\drm_dyndata_7380007.dll
C:\Users\****\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\****\AppData\Local\Temp\MSVBVM60.DLL
C:\Users\****\AppData\Local\Temp\msxml6-KB927977-enu-amd64.exe
C:\Users\****\AppData\Local\Temp\setup.exe
C:\Users\****\AppData\Local\Temp\setup64.exe
C:\Users\****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\****\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\****\AppData\Local\Temp\{92622AAD-05E8-4459-B256-765CE1E929FB}_NST_3062.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 04:36

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by **** at 2015-01-22 14:28:32
Running from C:\Users\****\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
18 WoS Extreme Trucker 2 (v.1.0) (HKLM-x32\...\18 WoS Extreme Trucker 2) (Version: 1.0 - SCS Software)
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.3 - Futuremark)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABbd406 1.00 (HKLM-x32\...\ABbd406 1.00) (Version: 1.00 - olsystems)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.5105 - Acronis)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.3 - Adobe Systems)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Advanced PDF Password Recovery (HKLM-x32\...\{FDF36223-1144-4309-A5C2-3D5DC40B6C82}) (Version: 5.4.48.423 - Elcomsoft Co. Ltd.)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.)
AIM 7 (HKLM-x32\...\AIM_7) (Version:  - )
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMIP (remove only) (HKLM-x32\...\AMIP) (Version:  - )
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.15.0 - Asmedia Technology)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.1.2 - ASUSTeK Computer Inc.)
Atmosphere Deluxe v7.1 (HKLM-x32\...\Atmosphere Deluxe_is1) (Version:  - Vectormedia Software)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BDomsb 1.00 (HKLM-x32\...\BDomsb 1.00) (Version: 1.00 - olsystems)
BDwsb 1.00 (HKLM-x32\...\BDwsb 1.00) (Version: 1.00 - olsystems)
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Black & White® 2 Battle of the Gods (HKLM-x32\...\{10631C28-62E5-477C-9B40-40C5EA8219BE}) (Version: 1.00.0000 - Lionhead Studios)
BOINC (HKLM\...\{CFA4E1F2-090A-4335-A60B-98D8EC69E841}) (Version: 7.4.27 - Space Sciences Laboratory, U.C. Berkeley)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Brother HL-3040CN (HKLM-x32\...\{746CA010-936E-4224-A294-913394FD4214}) (Version: 1.00 - Brother)
Brother MFL-Pro Suite DCP-7010 (HKLM-x32\...\{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Bulletstorm (HKLM-x32\...\GFWL_{45410935-3E72-472B-8C35-AB1000008200}) (Version: 1.0.0000.130 - EA)
Bulletstorm (x32 Version: 1.0.0000.130 - EA) Hidden
BulletStorm (x32 Version: 1.0.0005.130 - EA) Hidden
Byu 1.00 (HKLM-x32\...\Byu 1.00) (Version: 1.00 - olsystems)
Cities in Motion (HKLM-x32\...\Steam App 73010) (Version:  - Colossal Order Ltd.)
Cities in Motion 2 (HKLM-x32\...\Steam App 225420) (Version:  - )
Cities XL 2012 (HKLM-x32\...\Cities XL 2012) (Version: 1.0.0 - Focus Home Interactive)
Cities XL 2012 Version 1.0 (HKLM-x32\...\{C01BF16B-6D37-4C45-BAF4-3D0350806411}_is1) (Version: 1.0 - Focus Home Interactive)
Combined Community Codec Pack 2013-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.04.20.0 - CCCP Project)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
CrystalDiskInfo 5.0.3 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.0.3 - Crystal Dew World)
CrystalDiskMark 3.0.2f (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World)
CVE-2012-1889 (HKLM\...\{06b2b7ed-809a-44e6-8538-ca0f5b74ecc4}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{29447369-6968-4e86-a208-603f6f0771a6}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{393ffabe-5a1a-43b3-8e03-8f573e1e0d01}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{7d32ab1f-1858-4373-a75a-b7cd8feb5d92}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{f300e352-12de-4e7f-ace3-a376874402b6}.sdb) (Version:  - )
CVE-2012-4969 (HKLM\...\{777afb2a-98e5-4f14-b455-378a925cae15}.sdb) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DB Donnerbuechsen 1.00 (HKLM-x32\...\DB Donnerbuechsen 1.00) (Version: 1.00 - olsystems)
DB D-ZUG Schlafwagen WLAB4uem 1.00 (HKLM-x32\...\DB D-ZUG Schlafwagen WLAB4uem 1.00) (Version: 1.00 - olsystems)
DBuz 1.00 (HKLM-x32\...\DBuz 1.00) (Version: 1.00 - olsystems)
DBv 1.00 (HKLM-x32\...\DBv 1.00) (Version: 1.00 - olsystems)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Space™ (HKLM-x32\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Die Völker 2 Gold (HKLM-x32\...\Gamedownload Die Völker 2 Gold) (Version: 1.0.0.0 - Gamedownload)
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 1.9.2.0 - DiskInternals Research)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Drakensang (High Texture Pack) (HKLM-x32\...\Drakensang_is1) (Version:  - dtp AG)
Dungeon Siege (HKLM-x32\...\Steam App 39190) (Version:  - Gas Powered Games)
Dungeon Siege 2 (HKLM-x32\...\Steam App 39200) (Version:  - Gas Powered Games)
Dungeon Siege III (HKLM-x32\...\Steam App 39160) (Version:  - Obsidian Entertainment)
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 4.8.1 - CM&V)
DVBViewer TE2 (HKLM-x32\...\DVBViewer TE2_is1) (Version:  - CM&V)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDFab 8.2.1.3 (28/09/2012) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
Dwarfs!? (HKLM-x32\...\Steam App 35480) (Version:  - Power of 2)
Earth 2160 (HKLM-x32\...\Earth 2160) (Version: 1.3.8.0 - Topware Interactive AG)
EF CheckSum Manager (HKLM\...\EF CheckSum Manager) (Version:  - EFSoftware)
Elite Dangerous Launcher version 0.4.1844.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.1844.0 - Frontier Developments)
ElsterFormular (HKLM-x32\...\ElsterFormular 13.2.0.8623p) (Version: 13.2.0.8623p - Landesfinanzdirektion Thüringen)
Empire Earth Gold Edition (HKLM-x32\...\Gamedownload Empire Earth Gold Edition) (Version: 1.0.0.0 - Gamedownload)
Empire Earth II Gold Edition (HKLM-x32\...\Gamedownload Empire Earth II Gold Edition) (Version: 1.0.0.0 - Gamedownload)
Endless Space (HKLM-x32\...\Endless Space_is1) (Version:  - )
Eraser (HKLM-x32\...\Eraser) (Version:  - Heidi Computers Ltd.)
Eraser (x32 Version: 5.86 - Heidi Computers Ltd.) Hidden
e-Saver version 3.1 (HKLM-x32\...\{C97CA73D-E96B-4B42-830E-D0F7BD780FB8}_is1) (Version: 3.1 - AOC)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EveMeepV3 (HKLM-x32\...\{52F7EC17-C7D9-4254-BBC5-404A67844ED1}) (Version: 1.0.2 - Evemeep)
EVEMon (HKLM-x32\...\EVEMon) (Version: 1.8.3.4116 - battleclinic.com)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
Ext2Fsd 0.51 (HKLM\...\Ext2Fsd_is1) (Version: 0.51 - Matt Wu)
FAHClient (HKLM-x32\...\FAHClient) (Version: 7.4.4 - Stanford University)
FileZilla Client 3.10.0 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0 - Tim Kosse)
Folding@home-gpu (HKLM-x32\...\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}) (Version: 6.23 - Folding@home)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
From Dust (HKLM-x32\...\Steam App 33460) (Version:  - Ubisoft Montpellier)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Futuremark SystemInfo (HKLM-x32\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark)
gamelauncher-ps2-psg (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\SOE-Y:/PlanetSide 2) (Version:  - Sony Online Entertainment)
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
German Wagon Pack 1.00 (HKLM-x32\...\German Wagon Pack 1.00) (Version: 1.00 - olsystems)
GIANTS Editor 5.0.1 (HKLM-x32\...\giants_editor_5.0.1_is1) (Version: 5.0.1 - GIANTS Software GmbH)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Guild 2 King's Edition (HKLM-x32\...\{378BA9B5-DB6C-41DB-BE93-86CD198A8A9E}) (Version: 1.0.0 - JoWood)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ICE 1 Redesign 1.00 (HKLM-x32\...\ICE 1 Redesign 1.00) (Version: 1.00 - olsystems)
ICE 2 1.00 (HKLM-x32\...\ICE 2 1.00) (Version: 1.00 - olsystems)
ICE 3M 1.00 (HKLM-x32\...\ICE 3M 1.00) (Version: 1.00 - olsystems)
ICE T 1.00 (HKLM-x32\...\ICE T 1.00) (Version: 1.00 - olsystems)
ICQ 8.2 (build 6901) (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\ICQ) (Version: 8.2.6901.0 - ICQ)
iDeer Blu-ray Player (HKLM-x32\...\iDeer Blu-ray Player) (Version: 1.6.1.1750 - iDeerApp Software Inc.)
IndustrieGigant 2 - Gold Edition (HKLM-x32\...\{6910C412-A523-493C-BC22-0213CD7F4F3A}) (Version: 1.0.0 - JoWooD Productions Software AG)
IndustrieGigant 2 (HKLM-x32\...\{8FA7E81D-6D99-4788-8BE4-D898B346AB2E}) (Version: 1.1.0.0 - JoWooD Productions Software AG)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{B1E50355-2437-40B0-A016-67B7490FC93E}) (Version: 2.10.0.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
KVIrc (HKLM-x32\...\KVIrc) (Version:  - Szymon Stefanek and The KVIrc Development Team)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.2.0.0 - GIANTS Software)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Loksim3D (HKLM\...\Loksim3D_is1) (Version: 2.9.1 - Loksim3D)
Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version:  - Hanako Games)
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version:  - )
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mini Metro (HKLM-x32\...\Steam App 287980) (Version:  - Dinosaur Polo Club)
Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version:  - LucasArts)
Mountain (HKLM-x32\...\Steam App 313340) (Version:  - David OReilly)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 15.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 15.0.1 (x86 de)) (Version: 15.0.1 - Mozilla)
Mozilla Firefox 35.0 (x86 de) (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
MPC-HC 1.6.7.7114 (9eb64ec) (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.7.7114 - MPC-HC Team)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 11 DiscSpeed (HKLM-x32\...\{B8B03F99-F600-4D96-ADBD-2F384240FB9C}) (Version: 11.0.00400 - Nero AG)
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{B3DC5C38-EAE3-4003-B6A7-DEF127E9A9AB}) (Version: 12.0.01100 - Nero AG)
NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software s.r.o.)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Newshosting (HKLM\...\{FE76A200-134E-48EC-8E90-3C124F16BC7F}) (Version: 1.6.1 - Newshosting)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.4 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
ÖBB Railjet 1.00 (HKLM-x32\...\ÖBB Railjet 1.00) (Version: 1.00 - olsystems)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
Parallels runtime modules (x32 Version: 1.00.0000 - Parallels) Hidden
Patch v2.2 (HKLM-x32\...\{74A84478-70A5-4F7A-966C-FA2771FF91A5}_is1) (Version:  - RUNEFORGE Games Studios)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
Patrician IV: Rise of a Dynasty (HKLM-x32\...\Steam App 57730) (Version:  - )
Patrician IV: Steam Special Edition (HKLM-x32\...\Steam App 57620) (Version:  - )
Patrizier 4 - Patch 1.1.1 (HKLM-x32\...\{5C9D5D8C-9245-45B4-B017-0AD03DA2EEAA}_is1) (Version:  - Kalypso Media)
Patrizier 4 (HKLM-x32\...\{25B473C3-2C62-482B-858F-94ED76880F79}) (Version: 1.0.0 - Kalypso Media)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version:  - )
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Pro Train 29 - Schwarzwaldbahn 1972 Deluxe 1.0  (HKLM-x32\...\Pro Train 29 - Schwarzwaldbahn 1972 Deluxe) (Version: 1.0 - Halycon Media)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
ProTrain  BR 106 1.0 (HKLM-x32\...\ProTrain  BR 106 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 13 Hamburg - Westerland 1.0 (HKLM-x32\...\ProTrain 13 Hamburg - Westerland 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 16 Schwarzwaldromantik 1.0 (HKLM-x32\...\ProTrain 16 Schwarzwaldromantik 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 18 Hamburg-Berlin 1.0 (HKLM-x32\...\ProTrain 18 Hamburg-Berlin 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 19 Berlin-Rostock 1.0 (HKLM-x32\...\ProTrain 19 Berlin-Rostock 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 21 Kiel-Flensburg 1.0 (HKLM-x32\...\ProTrain 21 Kiel-Flensburg 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 22 Erfurt - Suhl 1.0 (HKLM-x32\...\ProTrain 22 Erfurt - Suhl 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0 (HKLM-x32\...\ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 26 "Die schwäbische Eisenbahn" 1.0 (HKLM-x32\...\ProTrain 26 "Die schwäbische Eisenbahn" 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 33 Frankfurt-Cottbus 1.0 (HKLM-x32\...\ProTrain 33 Frankfurt-Cottbus 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 36 1.0 (HKLM-x32\...\ProTrain 36 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 7 - Frankfurt-Nürnberg 1.0 (HKLM-x32\...\ProTrain 7 - Frankfurt-Nürnberg 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 7 "Spessartrampe" Update auf Version 1.2 1.2 (HKLM-x32\...\ProTrain 7 "Spessartrampe" Update auf Version 1.2 1.2) (Version: 1.2 - Blue Sky Interactive)
ProTrain 8 - Update auf Version 1.1 1.1 (HKLM-x32\...\ProTrain 8 - Update auf Version 1.1 1.1) (Version: 1.1 - Blue Sky Interactive)
ProTrain Extra 1.0 (HKLM-x32\...\ProTrain Extra 1.0) (Version: 1.0 - )
ProTrain Extra 2 1.0 (HKLM-x32\...\ProTrain Extra 2 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 3 1.0 (HKLM-x32\...\ProTrain Extra 3 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 4 1.0 (HKLM-x32\...\ProTrain Extra 4 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 5 1.0 (HKLM-x32\...\ProTrain Extra 5 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 6 1.0 (HKLM-x32\...\ProTrain Extra 6 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 6 Update 1.01 1.01 (HKLM-x32\...\ProTrain Extra 6 Update 1.01 1.01) (Version: 1.01 - Blue Sky Interactive)
ProTrain Extra 7 1.0 (HKLM-x32\...\ProTrain Extra 7 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 8 1.0 (HKLM-x32\...\ProTrain Extra 8 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 9 1.0 (HKLM-x32\...\ProTrain Extra 9 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Karwendelbahn Aufgabenpaket 1 1.0 (HKLM-x32\...\ProTrain Karwendelbahn Aufgabenpaket 1 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - 3D Schienen - (HKLM-x32\...\{F3ADFC12-6BCB-42B0-A44C-0745F8AD99FA}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Aufgabenpack 1 - (HKLM-x32\...\{3BBAF8F6-D11A-4B20-9E42-80AE7AD6CD72}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Aufgabenpack 2 - (HKLM-x32\...\{EF497532-E79C-4BFA-8D44-3E4125D4B4F7}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Leipzig - Saalfeld  - (HKLM-x32\...\{7DB1D6CD-9CEA-487C-930F-59DDB2B989FB}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Nürnberg - Saalfeld - (HKLM-x32\...\{1FE4482C-E7EC-4A88-B3EE-AC13054E789E}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 (HKLM-x32\...\AuranTS2009_ptp2_is1) (Version:  - Auran)
ProTrain Perfect Addon 3 - Leipzig - Berlin  - (HKLM-x32\...\{2CE81076-F837-40F0-B8C4-4CA8A9B3D2E3}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect Addon 5 - Fulda - Würzburg  - (HKLM-x32\...\{CC82B97C-6937-4170-9F3A-7FF8959D686B}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Vogelfluglinie Activitiepack 1 1.0 (HKLM-x32\...\ProTrain Vogelfluglinie Activitiepack 1 1.0) (Version: 1.0 - Blue Sky Interactive)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
RailTraction Sahlmmps 1.00 (HKLM-x32\...\RailTraction Sahlmmps 1.00) (Version: 1.00 - olsystems)
Railtraction Sdggmrss 1.00 (HKLM-x32\...\Railtraction Sdggmrss 1.00) (Version: 1.00 - olsystems)
Railtraction Uacns 1.00 (HKLM-x32\...\Railtraction Uacns 1.00) (Version: 1.00 - olsystems)
Railworks 3 Train Simulator 2012 Deluxe (HKLM-x32\...\Railworks 3 Train Simulator 2012 Deluxe_is1) (Version:  - )
Railworks Plus Pack Vol.2 1.11 (HKLM-x32\...\Railworks Plus Pack Vol.2 1.11) (Version: 1.11 - olsystems)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer DeathAdder(TM) Mouse (HKLM-x32\...\{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}) (Version: 3.03 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (HKLM-x32\...\RivaTuner) (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
RW0381 Arkbimbz 1.0 (HKLM-x32\...\RW0381 Arkbimbz 1.0) (Version: 1.0 - trainsimblog.tk)
RX-SSTV Version 1.3.1 (HKLM-x32\...\RX-SSTV_is1) (Version:  - ON6MU)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Sins of a Solar Empire - Trinity (HKLM-x32\...\Sins of a Solar Empire - Trinity) (Version: 1.00 - Stardock Entertainment, Inc.)
Sins of a Solar Empire - Trinity (x32 Version: 1.00 - Stardock Entertainment, Inc.) Hidden
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
Staedteexpress 1.00 (HKLM-x32\...\Staedteexpress 1.00) (Version: 1.00 - olsystems)
Star Conflict Launcher 1.0.1.17 (HKLM-x32\...\StarConflictLauncher_is1) (Version:  - )
Star Ruler (HKLM-x32\...\StarRuler) (Version:  - )
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)
Stellar Impact (HKLM-x32\...\Steam App 207150) (Version:  - Tindalos Interactive)
StreamTransport version: 1.1.4.0 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Stronghold 2 (HKLM-x32\...\Steam App 40960) (Version:  - FireFly Studios)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version:  - FireFly Studios)
SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013. (HKLM-x32\...\{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1) (Version: +Recorder.2013.55 - eRightSoft)
SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51 (HKLM-x32\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2012.build.51 - eRightSoft)
SUPER © v2012.build.52 (July 7, 2012) Version v2012.build.52 (HKLM-x32\...\{8F311E2E-C275-4CF0-8154-B63991832668}_is1) (Version: v2012.build.52 - eRightSoft)
SUPER © Version 2008.bld.33 (Sep 2, 2008) (HKLM-x32\...\SUPER ©) (Version: Version 2008.bld.33 (Sep 2, 2008) - eRightSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TechniSat DVB-PC TV Star (HKLM-x32\...\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}) (Version: 4.3.3 - TechniSat)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Softworks)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version:  - LucasArts)
The Settlers: Kingdoms of Anteria (HKLM-x32\...\SKoA) (Version:  - Ubisoft GmbH)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - )
Train Simulator 2015 GE Update 7 1.02 (HKLM-x32\...\Train Simulator 2015 GE Update 7 1.02) (Version: 1.02 - olsystems)
Train Simulator 2015 GE Update 8 1.07 (HKLM-x32\...\Train Simulator 2015 GE Update 8 1.07) (Version: 1.07 - olsystems)
Triebwagen 1.00 (HKLM-x32\...\Triebwagen 1.00) (Version: 1.00 - olsystems)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
TS2015 GE Wagen Upgrade Pack 1.00 (HKLM-x32\...\TS2015 GE Wagen Upgrade Pack 1.00) (Version: 1.00 - olsystems)
TTB Szenario Pack Munich-Augsburg 1.00 (HKLM-x32\...\TTB Szenario Pack Munich-Augsburg 1.00) (Version: 1.00 - olsystems)
TTB Szenario Pack Vol.1 Berlin Wittenberg 1.06 (HKLM-x32\...\TTB Szenario Pack Vol.1 Berlin Wittenberg 1.06) (Version: 1.06 - olsystems)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Viscera Cleanup Detail - ALPHA (HKLM\...\UDK-ff8f3672-fcac-403e-ad9b-9b9585a6dcdf) (Version:  - RuneStorm)
Vizzart BR112 1.00 (HKLM-x32\...\Vizzart BR112 1.00) (Version: 1.00 - olsystems)
Vizzart BR112 Update 1.1 1.00 (HKLM-x32\...\Vizzart BR112 Update 1.1 1.00) (Version: 1.00 - olsystems)
Vizzart BR429 1.00 (HKLM-x32\...\Vizzart BR429 1.00) (Version: 1.00 - olsystems)
Vizzart IC Steuerwagen Rot 1.00 (HKLM-x32\...\Vizzart IC Steuerwagen Rot 1.00) (Version: 1.00 - olsystems)
Vizzart IC Steuerwagen Weiß 1.00 (HKLM-x32\...\Vizzart IC Steuerwagen Weiß 1.00) (Version: 1.00 - olsystems)
Vizzart Metropolitan 1.00 (HKLM-x32\...\Vizzart Metropolitan 1.00) (Version: 1.00 - olsystems)
Vizzart Regioshuttle 1.00 (HKLM-x32\...\Vizzart Regioshuttle 1.00) (Version: 1.00 - olsystems)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VR DB IC Wagen 1.00 (HKLM-x32\...\VR DB IC Wagen 1.00) (Version: 1.00 - olsystems)
VR DB Reisezugwagen Epoche III IV 1.00 (HKLM-x32\...\VR DB Reisezugwagen Epoche III IV 1.00) (Version: 1.00 - olsystems)
VR DB Schnellzugwagen Epoche 4 1.00 (HKLM-x32\...\VR DB Schnellzugwagen Epoche 4 1.00) (Version: 1.00 - olsystems)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - )
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WebTemp 3.38-pre12 (kostenlose Version) (HKLM-x32\...\WebTemp_is1) (Version:  - hxxp://www.webtemp.org)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Support Tools (HKLM-x32\...\{F07F0BCD-5C6D-4499-9F05-6ED747078A72}) (Version: 5.2.3790.3959 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinHTTrack Website Copier 3.45-4 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.45.4 - HTTrack)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinRK 3.1.2 (win64) (HKLM\...\WinRK) (Version: 3.1.2 (win64) - M Software Ltd.)
WinUAE 2.5.1 (HKLM-x32\...\WinUAE) (Version: 2.5.1 - Arabuusimiehet)
World of Tanks v.0.7.1 (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version:  - Wargaming.net)
X Rebirth (HKLM-x32\...\Steam App 2870) (Version:  - Egosoft)
X3 Albion Prelude Bonuspaket 5.1.0.0 (HKLM-x32\...\X3AP Bonus Pack_is1) (Version: 5.1.0.0 - Egosoft)
X3 Terran Conflict v3.2 (HKLM-x32\...\X3TerranConflict_is1) (Version:  - EGOSOFT)
X3: Albion Prelude (HKLM-x32\...\Steam App 201310) (Version:  - Egosoft)
X3: Terran Conflict (HKLM-x32\...\Steam App 2820) (Version:  - Egosoft)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - )
YDKJ Collection (HKLM-x32\...\{ED28CD78-02BC-4014-A548-EFFB9A0673D0}) (Version: 1.00.0000 - DocStrange)
YOU DON'T KNOW JACK Vol. 1 XL (HKLM-x32\...\Steam App 252730) (Version:  - )
YOU DON'T KNOW JACK Vol. 2 (HKLM-x32\...\Steam App 259940) (Version:  - )
YOU DON'T KNOW JACK Vol. 3 (HKLM-x32\...\Steam App 259960) (Version:  - )
YOU DON'T KNOW JACK Vol. 4 The Ride (HKLM-x32\...\Steam App 259980) (Version:  - )
Zusi 3.0.4 (Demo) (HKLM-x32\...\www.zusi.de/zusi3/demo_is1) (Version: 3 - Carsten Hölscher)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-08-13 18:06 - 00002435 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 *.ligatus.com
127.0.0.1 ligatus.com
127.0.0.1 activate.adobe.com      
127.0.0.1 practivate.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 activate.adobe.com:443
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com

There are 23 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B6DBE0C-0C37-4048-9E14-8E214F10DE4E} - System32\Tasks\{C7C62EEA-1CB9-411B-ADC0-921FCA507EEE} => pcalua.exe -a G:\BittorrendFiles\msicuu2.exe -d E:\Firefox
Task: {1B40CDDC-619C-4E46-A64F-357D650D2028} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe
Task: {29804085-39FA-4778-8210-8EC4BFB7AFD3} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe
Task: {42BBF2C8-4E76-4474-8D04-B3C5ACE0EFF1} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {49B229FD-4F3B-4D81-872D-1AB9D360F630} - System32\Tasks\{4D97262F-6D65-4D64-9BCA-97289E538BAD} => G:\BittorrendFiles\SHEEP\SHEEP.EXE
Task: {4CF66300-B9BD-4808-915E-43071A8B528E} - System32\Tasks\{9BB6A573-4E88-49C6-A9FB-BE35DB3F951C} => G:\BittorrendFiles\SHEEP\SHEEP.EXE
Task: {51F3FD09-7DF6-41F7-9024-A73959C1B513} - System32\Tasks\{1231FFA1-CB67-47EA-8000-A21AA189AFDD} => G:\BittorrendFiles\SHEEP\SHEEP.EXE
Task: {65DE70E5-7877-426C-8EE0-CC34B6A0CD9F} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {7BB1F6D4-07A3-4897-85FF-CE15885A7413} - System32\Tasks\{E21B8BCF-827E-4096-AEF0-F378883AFFF5} => pcalua.exe -a "Y:\Steam_Games_Y\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "Y:\Steam_Games_Y\steamapps\common\Left 4 Dead 2" -c /register
Task: {8BE3E5E1-5341-48C7-B600-D451346BC35F} - System32\Tasks\regedit => regedit.exe 
Task: {B35A5A97-8760-42C1-A37D-0D110F519B2A} - System32\Tasks\{B705B4F3-F33C-41B9-B508-7170C8E84614} => pcalua.exe -a "Z:\Die Siedler Königreiche von Anteria\SKoA\SKoA.exe" -c --uninstall
Task: {C39387F7-1DB9-4A45-8B62-D0C143A149C4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {C64D9A20-8706-4FCD-BC82-71C89E26A7BC} - System32\Tasks\TELE 5 22-01-2015 22-06-00 WWE RAW => X:\DVBViewer\Scheduler.exe [2008-02-02] ()
Task: {C87C40F1-4412-49AA-B0AF-8937D89C264C} - System32\Tasks\{E1D2A0A9-2C2D-468E-B3CF-FE1A0634F49F} => pcalua.exe -a "C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe"
Task: {D03CE815-F8F9-4C8A-B289-CAA4868D7056} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {E3703704-5874-4330-8863-5B45CFFC4D53} - System32\Tasks\TELE 5 22-01-2015 22-08-00 WWE RAW => X:\DVBViewer\Scheduler.exe [2008-02-02] ()
Task: {E9DBD043-E827-434F-BDA8-6DED42DCC71F} - System32\Tasks\{25D2C6D6-A585-49D3-A603-8202CF479F51} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1618
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\TELE 5 22-01-2015 22-06-00 WWE RAW.job => X:\DVBViewer\Scheduler.exe
Task: C:\Windows\Tasks\TELE 5 22-01-2015 22-08-00 WWE RAW.job => X:\DVBViewer\Scheduler.exe

==================== Loaded Modules (whitelisted) =============

2012-09-08 14:18 - 2011-03-21 15:19 - 00053248 _____ () X:\NetLimiter 3\nlsvcPS.dll
2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () X:\FileZilla\fzshellext_64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () E:\Unlocker\UnlockerCOM.dll
2012-09-08 14:22 - 2011-05-28 21:05 - 00164864 _____ () X:\WinRAR\rarext.dll
2012-09-08 14:18 - 2011-03-21 10:06 - 00248320 _____ () X:\Razer\DeathAdder\razerhid.exe
2012-09-08 14:17 - 2008-02-02 17:11 - 00228352 _____ () X:\DVBViewer\Scheduler.exe
2012-09-08 14:18 - 2010-04-27 13:41 - 00218112 _____ () X:\Razer\DeathAdder\razertra.exe
2014-12-06 08:03 - 2014-12-06 08:03 - 00565760 _____ () E:\MSI Afterburner\MSIAfterburner.exe
2012-09-08 14:18 - 2011-04-14 10:48 - 01758208 _____ () X:\Razer\DeathAdder\vdDaemon.exe
2012-05-30 18:11 - 2012-05-30 18:11 - 00176128 _____ () C:\Program Files (x86)\AIM\nssckbi.dll
2014-01-01 14:56 - 2014-01-01 14:56 - 00857944 _____ () C:\Users\****\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 02396672 _____ () Z:\Steam\libavcodec-56.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00442880 _____ () Z:\Steam\libavutil-54.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00479744 _____ () Z:\Steam\libavformat-56.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00332800 _____ () Z:\Steam\libavresample-2.dll
2014-05-25 21:51 - 2014-11-11 19:47 - 00774656 _____ () Z:\Steam\SDL2.dll
2015-01-19 23:32 - 2014-12-02 01:29 - 05002752 _____ () Z:\Steam\v8.dll
2015-01-19 23:32 - 2014-12-02 01:29 - 01612800 _____ () Z:\Steam\icui18n.dll
2015-01-19 23:32 - 2014-12-02 01:29 - 01210368 _____ () Z:\Steam\icuuc.dll
2014-05-25 21:51 - 2015-01-19 19:49 - 02227904 _____ () Z:\Steam\video.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00485888 _____ () Z:\Steam\libswscale-3.dll
2014-05-25 21:53 - 2015-01-19 19:49 - 00696000 _____ () Z:\Steam\bin\chromehtml.DLL
2014-05-25 21:53 - 2015-01-16 00:42 - 34641288 _____ () Z:\Steam\bin\libcef.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00071680 _____ () E:\MSI Afterburner\RTMUI.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00056832 _____ () E:\MSI Afterburner\RTFC.dll
2014-12-06 08:02 - 2014-12-06 08:02 - 00217600 _____ () E:\MSI Afterburner\RTCore.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00353792 _____ () E:\MSI Afterburner\RTUI.dll
2014-12-06 08:02 - 2014-12-06 08:02 - 00649216 _____ () E:\MSI Afterburner\RTHAL.dll
2014-08-14 18:48 - 2015-01-16 00:42 - 01709960 _____ () Z:\Steam\bin\ffmpegsumo.dll
2012-09-08 14:16 - 2012-04-04 06:53 - 02894240 _____ () X:\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2012-09-08 14:15 - 2012-04-04 06:54 - 01446400 _____ () X:\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2012-09-08 14:15 - 2012-04-04 06:54 - 00105984 _____ () X:\Adobe\Acrobat 10.0\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU
2012-09-08 14:17 - 2011-05-19 08:37 - 00565827 _____ () X:\DVBViewer\sqlite3.dll
2012-09-08 14:17 - 2008-11-12 09:35 - 00043008 _____ () X:\DVBViewer\Plugins\gtRemote.dll
2012-09-08 14:17 - 2005-11-05 10:11 - 00042496 _____ () X:\DVBViewer\Plugins\myMCE2005.dll
2012-09-08 14:17 - 2005-11-01 19:28 - 00042496 _____ () X:\DVBViewer\Plugins\myMCEIr.dll
2012-09-08 14:17 - 2007-08-14 09:58 - 00099328 _____ () X:\DVBViewer\Plugins\mySkystarIR.dll
2012-09-08 14:17 - 2005-10-31 13:25 - 00041984 _____ () X:\DVBViewer\Plugins\myTwinhan.dll
2012-09-08 14:17 - 2008-06-25 06:22 - 00089600 _____ () X:\DVBViewer\Plugins\UniStreaming.dll
2012-09-08 14:15 - 2012-04-04 06:54 - 00019968 _____ () X:\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.deu
2015-01-13 20:56 - 2015-01-13 20:56 - 03925104 _____ () E:\Firefox\mozjs.dll
2015-01-14 09:28 - 2015-01-14 09:28 - 16844464 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll
2008-08-02 21:14 - 2008-03-14 23:52 - 00012288 _____ () E:\mIRC1\script\dlls\dmu.dll
2008-08-02 21:14 - 2008-03-14 23:52 - 00018944 _____ () E:\mIRC1\script\dlls\mdock61.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3438649541-831985882-319497044-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3438649541-831985882-319497044-501 - Limited - Enabled)
**** (S-1-5-21-3438649541-831985882-319497044-1000 - Administrator - Enabled) => C:\Users\****
HomeGroupUser$ (S-1-5-21-3438649541-831985882-319497044-1006 - Limited - Enabled)
Netzwerkgast (S-1-5-21-3438649541-831985882-319497044-1007 - Limited - Disabled)
RettungsAdmin (S-1-5-21-3438649541-831985882-319497044-1008 - Administrator - Enabled) => C:\Users\RettungsAdmin

==================== Faulty Device Manager Devices =============

Name: Logitech GamePanel-Geräte (QVGA)
Description: Logitech GamePanel-Geräte (QVGA)
Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
Manufacturer: Logitech Inc
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Logitech GamePanel-Geräte (Mono)
Description: Logitech GamePanel-Geräte (Mono)
Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
Manufacturer: Logitech Inc
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Parallels Networking Driver
Description: Parallels Networking Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: prl_net
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/22/2015 03:49:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2015 03:47:22 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/22/2015 03:01:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2015 02:59:26 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/22/2015 02:40:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2015 02:38:57 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/22/2015 02:25:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2015 02:23:48 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/18/2015 08:56:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x218c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/18/2015 08:27:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x27dc
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3


System errors:
=============
Error: (01/22/2015 01:33:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Norton Identity Safe" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/22/2015 01:17:11 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (01/22/2015 03:48:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/22/2015 03:48:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ACP User Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/22/2015 03:47:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ArcCtrl

Error: (01/22/2015 03:47:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/22/2015 03:47:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallels Networking Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/22/2015 03:35:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/22/2015 03:29:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ACP User Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/22/2015 03:16:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (01/22/2015 03:49:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2015 03:47:22 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/22/2015 03:01:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2015 02:59:26 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/22/2015 02:40:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2015 02:38:57 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/22/2015 02:25:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/22/2015 02:23:48 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/18/2015 08:56:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d218c01d03355315f7efbX:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll091128e8-9f4c-11e4-8576-b4e0fe89ce63

Error: (01/18/2015 08:27:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d27dc01d0332922780072X:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll07e6eef2-9f48-11e4-8576-b4e0fe89ce63


CodeIntegrity Errors:
===================================
  Date: 2014-11-08 22:33:11.184
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-08 22:33:11.153
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.685
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.629
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.441
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.384
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.202
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.149
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:16.874
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:16.820
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 38%
Total physical RAM: 16332.44 MB
Available physical RAM: 10037.34 MB
Total Pagefile: 20426.63 MB
Available Pagefile: 14460.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:168 GB) NTFS
Drive d: (TempDaten) (Fixed) (Total:60 GB) (Free:48.2 GB) NTFS
Drive e: (GAMES) (Fixed) (Total:100.01 GB) (Free:19.79 GB) NTFS
Drive f: (DATEN) (Fixed) (Total:100.01 GB) (Free:31.86 GB) NTFS
Drive g: (INTERNET) (Fixed) (Total:100.01 GB) (Free:13.91 GB) NTFS
Drive m: (Media) (Fixed) (Total:863.01 GB) (Free:94.12 GB) NTFS
Drive v: (Sicherung_VMs) (Fixed) (Total:863.01 GB) (Free:567.91 GB) NTFS
Drive w: (BACKUP) (Fixed) (Total:105.74 GB) (Free:61.35 GB) NTFS
Drive x: (Programme) (Fixed) (Total:55.9 GB) (Free:29.82 GB) NTFS
Drive y: (Image) (Fixed) (Total:1000 GB) (Free:502.38 GB) NTFS
Drive z: (Netzwerk) (Fixed) (Total:1000 GB) (Free:527.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0B0EDB72)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 14563881)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 863DB41E)
Partition 1: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=305.7 GB) - (Type=OF Extended)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BF2A384C)
Partition 1: (Not Active) - (Size=1000 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2F865633)
Partition 1: (Not Active) - (Size=1000 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=863 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

22.01.2015, 23:00   #5
Bootsektor
Rest in peace
† 2019
 

Hello.


Quote:
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 activate.adobe.com:443
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
The entries I have listed strongly suggest that software is being used on this computer that was not legally acquired.

Support suspended
Reading material:

The log files strongly suggest that you are using software that was not legally acquired. In addition, cracks and patches from dubious sources very often come bundled with malware, so one infects oneself almost deliberately.

We have agreed here on the board that at this point we will not continue cleaning until the software has been removed. In addition, in our guide and also in this sticky topic we pointed out to you unmistakably how we will deal with this. Clean, good software has its price, and the software companies live off this revenue.

So please decide how you want to proceed and let me know here in your thread.
If you do not remove this software, our help is limited to reinstalling and securing your system.
We will still gladly answer your questions about this, namely in our forum.


23.01.2015, 01:47   #6
fump
 

Hello Sandra

The list was created manually to stop Adobe Premiere Pro 2.0 from acting up.
Adobe Premiere Pro 2.0 was once available for free, but unfortunately it sometimes has the habit, when it phones home, of forgetting all its registration data, which can only be fixed by a complete uninstall and reinstall.
I'm sure you can understand that this gets very annoying in the long run.

The rest of the software was also legally acquired (such as Adobe Acrobat X Pro student version) or consists of trial versions that are still installed (such as Aida 64 Extreme Edition), which have expired but have not yet been (cleanly) uninstalled.

At least among the installed programs, I did not notice any that I do not know or that I did not install myself.

----

I ran a scan with the tools that are otherwise used here in the forum:

Malwarebytes Anti-Malware, AdwCleaner and Junkware Removal Tool find nothing on the system that bothers them.

Norton Power Eraser also finds nothing that I do not know. The DVBviewer, for example, is only detected as a threat because it has a MAC scanner on board for Internet@Sat. Nothing threatening, but suspicious.

24.01.2015, 22:02   #7
Bootsektor
Rest in peace
† 2019
 

Hello,

Quote:
The list was created manually to stop Adobe Premiere Pro 2.0 from acting up.
Adobe Premiere Pro 2.0 was once available for free
OK.


Quote:
I ran a scan with the tools that are otherwise used here in the forum:
Please do not run scans with arbitrary tools on your own; it makes my work enormously more difficult.

Please post the logs from MBAM, ADC and JRT.

Do you still have the message from ESET? If so, post that too.

Did you set the FTP port in FF like that yourself?

Otherwise it looks good so far. Did you run the ESET Online Scan?

24.01.2015, 22:35   #8
fump
 

The ESET message is gone now; I set up the Firefox profile from scratch and reconfigured everything.

The ESET scan only seems to have disliked something in the leftovers of an old add-on version. I looked at both files; there are only minimal differences in the add-on settings.

----

Firefox port:

Yes, those are settings for a proxy server.

----
MBAM

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 24.01.2015
Scan Time: 23:23:52
Logfile: 
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.24.14
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: *

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 450499
Time Elapsed: 5 min, 39 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         

ADC

AdwCleaner Logfile:
Code:
# AdwCleaner v4.109 - Bericht erstellt am 24/01/2015 um 23:18:27
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-24.4 [Live]
# Betriebssystem : Windows 7 Service Pack 1 (64 bits)
# Benutzername : **** - ****
# Gestartet von : C:\Downloads\adwcleaner_4.109.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Users\****\AppData\Local\CrashRpt
Ordner Gefunden : C:\Users\****\AppData\Local\PackageAware

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v15.0.1 (de)


*************************

AdwCleaner[R0].txt - [2117 octets] - [22/01/2015 18:56:16]
AdwCleaner[R1].txt - [2066 octets] - [22/01/2015 18:58:18]
AdwCleaner[R2].txt - [1081 octets] - [22/01/2015 19:12:46]
AdwCleaner[R3].txt - [942 octets] - [24/01/2015 23:18:27]
AdwCleaner[S0].txt - [1942 octets] - [22/01/2015 19:02:19]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1061 octets] ##########
         

JRT

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 x64
Ran by **** on 24.01.2015 at 23:30:06,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.01.2015 at 23:31:56,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

26.01.2015, 22:20   #9
Bootsektor
Rest in peace
† 2019
 

Hello,

OK, could you please post the ESET log for the sake of completeness?

Please also run a new scan with FRST.

Step 1
Post the ESET log

Step 2
Start FRST once more.
  • Tick the box for addition.txt and click Scan.
  • When the scan is finished, two new log files, FRST.txt and addition.txt, are created and saved on the desktop (or in the directory where FRST is located).
  • Please post the contents of these log files here in your thread.

26.01.2015, 23:22   #10
fump
 

ESET

Code:
Arbeitsspeicher	Win32/HideWindow potenziell unsichere Anwendung
         
The application is known, though: MIRC




FRST

FRST.txt


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by **** (administrator) on SEBASTIAN on 26-01-2015 23:54:55
Running from C:\Users\****\Desktop
Loaded Profiles: **** (Available profiles: **** & RettungsAdmin & Administrator)
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\AMD\amdacpusrsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe
(Locktime Software) X:\NetLimiter 3\nlsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Locktime Software) X:\NetLimiter 3\NLClientApp.exe
(AOL Inc.) C:\Program Files (x86)\AIM\aim.exe
(ICQ) C:\Users\****\AppData\Roaming\ICQM\icq.exe
(Skype Technologies S.A.) E:\Skype\Phone\Skype.exe
(Microsoft Corporation) X:\Microsoft Office\OFFICE11\OUTLOOK.EXE
() X:\Razer\DeathAdder\razerhid.exe
(Acronis) X:\Acronis\TrueImageHome\TrueImageMonitor.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() X:\Razer\DeathAdder\razertra.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() X:\DVBViewer\Scheduler.exe
(BitTorrent Inc.) X:\uTorrent\uTorrent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) X:\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Razer Inc.) X:\Razer\DeathAdder\razerofa.exe
() X:\Razer\DeathAdder\vdDaemon.exe
(Valve Corporation) Z:\Steam\Steam.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() E:\MSI Afterburner\MSIAfterburner.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(mIRC Co. Ltd.) E:\mIRC1\mirc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) E:\Firefox\firefox.exe
(Mozilla Corporation) E:\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(VideoLAN) X:\VideoLAN\VLC\vlc.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_296_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391296 2010-08-21] (Acronis)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DeathAdder] => X:\Razer\DeathAdder\razerhid.exe [248320 2011-03-21] ()
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695984 2011-03-25] (brother)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => X:\Acronis\TrueImageHome\TrueImageMonitor.exe [5493736 2010-08-21] (Acronis)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [NetLimiter] => X:\NetLimiter 3\NLClientApp.exe [2910208 2011-03-21] (Locktime Software)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [Aim] => C:\Program Files (x86)\AIM\aim.exe [4331392 2012-05-30] (AOL Inc.)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [ICQ] => C:\Users\****\AppData\Roaming\ICQM\icq.exe [33664344 2014-01-01] (ICQ)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [Skype] => E:\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\MountPoints2: {67746dc0-f776-11e0-8f00-806e6f6e6963} - I:\autorun.exe
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\MountPoints2: {da2275a3-f75f-11e0-861d-806e6f6e6963} - H:\auto.exe
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk
ShortcutTarget: Microsoft Office Outlook 2003.lnk -> C:\Windows\Installer\{90110407-6000-11D3-8CFE-0150048383C9}\outicon.exe ()
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Scheduler.exe - Verknüpfung.lnk
ShortcutTarget: Scheduler.exe - Verknüpfung.lnk -> X:\DVBViewer\Scheduler.exe ()
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\utorrent.lnk
ShortcutTarget: utorrent.lnk -> X:\uTorrent\uTorrent.exe (BitTorrent Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3438649541-831985882-319497044-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3438649541-831985882-319497044-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> X:\Java\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> X:\Java\bin\jp2ssv.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{5221C4C4-43C0-4140-BAA3-DCABF2A416D1}: [NameServer] 192.168.0.250

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786
FF Homepage: about:blank
FF NetworkProxy: "backup.ftp", "178.189.92.118"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "178.189.92.118"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "178.189.92.118"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "167.114.71.58"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "167.114.71.58"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "167.114.71.58"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "167.114.71.58"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> X:\Java\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> X:\Java\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Acrobat -> X:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> X:\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3438649541-831985882-319497044-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3438649541-831985882-319497044-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: DownloadHelper - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-01-24]
FF Extension: CanvasBlocker - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\CanvasBlocker@kkapsner.de.xpi [2015-01-24]
FF Extension: Classic Theme Restorer - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2015-01-24]
FF Extension: Ghostery - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\firefox@ghostery.com.xpi [2015-01-24]
FF Extension: NoScript - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-01-24]
FF Extension: Adblock Plus - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-24]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - X:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - X:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-09-08]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-04]
StartMenuInternet: FIREFOX.EXE - E:\Firefox\firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-08] (Adobe Systems) [File not signed]
R2 amdacpusrsvc; C:\AMD\amdacpusrsvc.exe [112640 2014-08-11] () [File not signed]
S3 DAUpdaterSvc; Y:\Steam_Games_Y\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-03-29] (BioWare)
S3 Futuremark SystemInfo Service; X:\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (Futuremark)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
R2 nlsvc; X:\NetLimiter 3\nlsvc.exe [1845248 2011-03-21] (Locktime Software) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4868640 2013-08-25] (INCA Internet Co., Ltd.)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-07] ()
S2 SkypeUpdate; E:\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
R3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2014-10-15] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [293088 2014-09-15] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
S3 cleanhlp; G:\BittorrendFiles\EEK\bin\cleanhlp64.sys [57024 2015-01-23] (Emsisoft GmbH)
S3 CrystalSysInfo; G:\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys [10240 2005-09-19] () [File not signed]
R3 DAdderFltr; C:\Windows\System32\drivers\dadder.sys [12032 2010-04-19] (Razer (Asia-Pacific) Pte Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R2 ei2c; C:\Windows\system32\drivers\ei2c.sys [20784 2013-08-08] (Nicomsoft Ltd.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
S3 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [769816 2011-07-09] (www.ext2fsd.com)
S3 GPUZ; C:\Windows\TEMP\GPUZ.sys [27008 2014-08-01] ()
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\IPSDefs\20150123.001\IDSvia64.sys [668888 2015-01-21] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\VirusDefs\20150125.032\ENG64.SYS [129752 2014-11-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\VirusDefs\20150125.032\EX64.SYS [2137304 2014-11-15] (Symantec Corporation)
R1 nltdi; X:\NetLimiter 3\nltdi.sys [88200 2011-03-21] (Locktime Software)
S3 RivaTuner64; X:\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2012-01-29] ()
R3 RTCore64; E:\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 SKYNET; C:\Windows\System32\DRIVERS\SkyNET_AMD64.SYS [617048 2010-05-10] (TechniSat Digital, S.A.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-10-15] () [File not signed]
R1 SRTSP; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-01-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
S3 tbwkern; C:\Windows\System32\DRIVERS\tbwkern.sys [32848 2011-06-13] () [File not signed]
U5 UnlockerDriver5; E:\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation)
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2014-08-13] (Microsoft Corporation)
U3 aoiw46bs; C:\Windows\System32\Drivers\aoiw46bs.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S2 ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys [X]
U2 ccEvtMgr; No ImagePath
U2 ccSetMgr; No ImagePath
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\E:\PC Wizard 2013\pcwiz_x64.sys [X]
U3 navapsvc; No ImagePath
S3 PRLVNIC; system32\DRIVERS\prl_vnic.sys [X]
S2 prl_net; system32\DRIVERS\prl_net.sys [X]
U3 SAVRT; No ImagePath
U1 SAVRTPEL; No ImagePath
U3 TlntSvr; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 23:54 - 2015-01-26 23:55 - 00022199 _____ () C:\Users\****\Desktop\FRST.txt
2015-01-26 23:54 - 2015-01-26 23:54 - 02129920 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2015-01-26 23:54 - 2015-01-26 23:54 - 00000000 ____D () C:\Users\****\Desktop\FRST-OlderVersion
2015-01-24 15:51 - 2015-01-24 16:25 - 00000000 ____D () C:\Users\****\Desktop\Alte Firefox-Daten
2015-01-24 15:18 - 2015-01-24 15:18 - 00000000 ___HD () C:\Windows\AxInstSV
2015-01-24 15:18 - 2015-01-24 15:18 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-23 20:45 - 2015-01-24 22:12 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-23 18:13 - 2015-01-23 18:13 - 00000676 _____ () C:\Users\****\Desktop\Start Emsisoft Emergency Kit.lnk
2015-01-23 13:49 - 2015-01-23 13:49 - 00000817 _____ () C:\Users\****\Desktop\µTorrent.lnk
2015-01-22 20:31 - 2015-01-22 20:31 - 00000000 ____D () C:\NPE
2015-01-22 19:09 - 2015-01-22 19:09 - 00000987 _____ () C:\Users\****\Desktop\JRT.txt
2015-01-22 19:07 - 2015-01-22 19:07 - 00000000 ____D () C:\Windows\ERUNT
2015-01-22 18:56 - 2015-01-24 23:20 - 00000000 ____D () C:\AdwCleaner
2015-01-22 18:46 - 2015-01-23 20:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-22 15:14 - 2015-01-22 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Guild 2 - Renaissance
2015-01-22 14:28 - 2015-01-26 23:54 - 00000000 ____D () C:\FRST
2015-01-22 13:36 - 2015-01-22 13:42 - 00000000 ____D () C:\Users\****\AppData\Local\Mozilla
2015-01-22 13:32 - 2015-01-22 13:34 - 00000000 ____D () C:\Users\****\AppData\Roaming\Mozilla
2015-01-22 10:53 - 2015-01-22 10:53 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-22 03:05 - 2015-01-22 03:05 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2015-01-22 03:00 - 2015-01-22 03:00 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-01-22 03:00 - 2015-01-22 03:00 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-01-22 03:00 - 2015-01-22 03:00 - 00002469 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2015-01-22 03:00 - 2015-01-22 03:00 - 00002469 _____ () C:\ProgramData\Desktop\Norton AntiVirus.lnk
2015-01-22 02:59 - 2015-01-22 03:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2015-01-22 02:59 - 2015-01-22 02:59 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2015-01-22 02:45 - 2015-01-22 02:45 - 00000000 ____D () C:\Users\****\AppData\Local\updates
2015-01-22 02:45 - 2015-01-22 02:45 - 00000000 ____D () C:\Users\****\AppData\Local\Firefox
2015-01-22 02:24 - 2015-01-22 02:24 - 00000000 ____D () C:\Users\RettungsAdmin\AppData\Roaming\Acronis
2015-01-13 19:04 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 19:04 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 19:04 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 19:04 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 19:04 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 19:04 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 19:04 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 19:04 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 19:04 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 19:04 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 19:04 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 19:04 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 19:04 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 19:04 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-13 19:04 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-13 18:44 - 2015-01-13 18:44 - 00289914 ____N () C:\Windows\Minidump\011315-24086-01.dmp
2015-01-13 17:37 - 2014-11-03 20:37 - 00797456 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2015-01-13 17:37 - 2014-11-03 20:37 - 00387344 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2015-01-13 01:37 - 2015-01-13 01:37 - 00000000 ____D () C:\Users\****\AppData\Roaming\RenPy
2015-01-11 00:52 - 2015-01-11 00:52 - 00000000 ____D () C:\Users\****\AppData\Roaming\Frontier Developments
2015-01-11 00:52 - 2015-01-11 00:52 - 00000000 ____D () C:\Users\****\AppData\Local\Frontier Developments
2015-01-10 22:17 - 2015-01-10 22:17 - 06388344 _____ (Tim Kosse) C:\Users\****\Downloads\FileZilla_3.10.0_win32-setup.exe
2015-01-10 14:41 - 2015-01-10 14:41 - 00000000 ____D () C:\Users\****\AppData\Local\Frontier_Developments
2015-01-10 14:40 - 2015-01-10 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elite Dangerous
2015-01-07 21:16 - 2015-01-07 21:16 - 00000835 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2015-01-07 21:15 - 2015-01-07 21:15 - 00000000 ____D () C:\Users\****\AppData\Local\gtk-2.0
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\RettungsAdmin\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\****\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\Administrator\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-01-03 14:16 - 2015-01-13 18:51 - 00001275 _____ () C:\Users\****\Desktop\NAS 540.lnk
2014-12-30 17:03 - 2014-12-30 17:03 - 00000000 ____D () C:\Program Files (x86)\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 23:35 - 2009-07-14 05:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-26 23:35 - 2009-07-14 05:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-26 23:34 - 2011-10-15 22:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Skype
2015-01-26 23:28 - 2013-05-15 12:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-26 14:37 - 2013-05-15 12:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-26 14:37 - 2012-03-28 20:41 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-26 14:37 - 2011-10-16 00:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-26 14:36 - 2014-08-15 11:58 - 00000000 ____D () C:\Users\****\AppData\Local\Adobe
2015-01-26 06:45 - 2011-10-15 20:07 - 02008852 _____ () C:\Windows\WindowsUpdate.log
2015-01-26 02:17 - 2011-10-17 19:15 - 00000000 ____D () C:\Users\****\AppData\Roaming\vlc
2015-01-25 03:40 - 2010-11-21 07:22 - 00703012 _____ () C:\Windows\system32\perfh007.dat
2015-01-25 03:40 - 2010-11-21 07:22 - 00150952 _____ () C:\Windows\system32\perfc007.dat
2015-01-25 03:40 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-25 03:33 - 2014-08-12 17:14 - 00016290 _____ () C:\Windows\setupact.log
2015-01-25 03:33 - 2011-10-16 01:24 - 00000105 _____ () C:\Windows\Brownie.ini
2015-01-25 03:33 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 03:32 - 2014-07-22 14:38 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-01-25 02:53 - 2012-11-22 07:20 - 00000000 ____D () C:\Users\****\AppData\Local\CrashDumps
2015-01-24 23:48 - 2010-11-21 04:47 - 107363694 _____ () C:\Windows\PFRO.log
2015-01-23 15:36 - 2011-10-16 00:48 - 00000000 ____D () C:\Program Files (x86)\AIM
2015-01-23 13:49 - 2014-09-15 00:46 - 00000797 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-01-22 20:34 - 2014-03-20 10:46 - 00000000 ____D () C:\Users\****\AppData\Local\NPE
2015-01-22 13:34 - 2011-10-15 20:16 - 00000000 ____D () C:\ProgramData\Norton
2015-01-22 10:53 - 2014-11-09 18:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-22 07:00 - 2012-11-20 15:35 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2015-01-22 03:00 - 2011-10-15 20:16 - 00003218 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-01-22 03:00 - 2011-10-15 20:16 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-01-18 04:22 - 2013-01-01 14:21 - 00000000 ____D () C:\Users\****\AppData\Roaming\ICQM
2015-01-17 22:03 - 2011-10-16 01:25 - 00000432 _____ () C:\Windows\BRWMARK.INI
2015-01-17 17:40 - 2012-01-29 18:47 - 00000000 ____D () C:\Users\****\.VirtualBox
2015-01-17 17:32 - 2014-12-10 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-01-17 17:24 - 2011-10-16 01:50 - 00000000 ____D () C:\Users\****\Desktop\Tools
2015-01-17 17:15 - 2012-10-29 23:12 - 00000000 ____D () C:\Users\****\AppData\Local\Loksim3D
2015-01-17 17:13 - 2014-11-27 19:04 - 00000549 _____ () C:\Users\Public\Desktop\Loksim3D.lnk
2015-01-17 17:13 - 2014-11-27 19:04 - 00000549 _____ () C:\ProgramData\Desktop\Loksim3D.lnk
2015-01-17 17:13 - 2013-08-08 12:05 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 17:13 - 2012-03-03 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loksim3D
2015-01-17 13:31 - 2014-05-28 12:10 - 00000000 ____D () C:\Users\****\.gimp-2.8
2015-01-15 10:44 - 2011-10-19 17:38 - 00000000 ____D () C:\Users\****\AppData\Local\Eraser
2015-01-13 21:15 - 2011-11-20 15:08 - 00000602 _____ () C:\Users\****\Desktop\MSI Afterburner.lnk
2015-01-13 19:09 - 2014-05-13 19:26 - 00109624 _____ () C:\Users\RettungsAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-13 19:08 - 2013-07-09 19:27 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 19:04 - 2011-10-15 20:55 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 18:44 - 2014-03-11 18:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-13 18:44 - 2012-05-08 22:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-13 18:44 - 2011-10-17 19:11 - 00000000 ____D () C:\Windows\Minidump
2015-01-10 22:32 - 2011-10-15 20:44 - 00000000 ____D () C:\Users\****\AppData\Roaming\FileZilla
2015-01-10 22:17 - 2014-09-23 19:26 - 00000615 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2015-01-10 22:17 - 2014-09-23 19:26 - 00000615 _____ () C:\ProgramData\Desktop\FileZilla Client.lnk
2015-01-10 22:17 - 2013-06-03 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-07 20:40 - 2012-03-13 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-01-02 00:36 - 2012-03-17 18:36 - 00000000 ____D () C:\Users\****\AppData\Roaming\TeamViewer
2014-12-31 20:52 - 2011-10-15 21:36 - 00950622 _____ () C:\Windows\DirectX.log
2014-12-30 17:03 - 2011-10-15 20:57 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2013-05-16 09:32 - 2013-07-12 20:48 - 0000000 _____ () C:\Users\****\AppData\Roaming\FileIn.cns
2013-05-16 09:32 - 2013-07-12 20:48 - 0000000 _____ () C:\Users\****\AppData\Roaming\FileOut.cns
2012-04-29 01:05 - 2012-08-28 15:07 - 0000079 _____ () C:\Users\****\AppData\Local\CrystalDiskMark30.ini
2012-02-08 15:57 - 2012-06-13 19:30 - 1348976 _____ () C:\Users\****\AppData\Local\parallels.log
2015-01-07 21:16 - 2015-01-07 21:16 - 0000835 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2011-10-22 13:01 - 2014-05-17 03:09 - 0007663 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg
2013-11-14 20:17 - 2013-11-14 20:17 - 0000040 ___SH () C:\ProgramData\.zreglib
2014-11-08 15:50 - 2014-11-08 15:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\****\AppData\Local\Temp\drm_dyndata_7380007.dll
C:\Users\****\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\****\AppData\Local\Temp\MSVBVM60.DLL
C:\Users\****\AppData\Local\Temp\msxml6-KB927977-enu-amd64.exe
C:\Users\****\AppData\Local\Temp\setup.exe
C:\Users\****\AppData\Local\Temp\setup64.exe
C:\Users\****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\****\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 02:58

==================== End Of Log ============================
         



addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by **** at 2015-01-26 23:55:15
Running from C:\Users\****\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
18 WoS Extreme Trucker 2 (v.1.0) (HKLM-x32\...\18 WoS Extreme Trucker 2) (Version: 1.0 - SCS Software)
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.3 - Futuremark)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABbd406 1.00 (HKLM-x32\...\ABbd406 1.00) (Version: 1.00 - olsystems)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.5105 - Acronis)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.3 - Adobe Systems)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Advanced PDF Password Recovery (HKLM-x32\...\{FDF36223-1144-4309-A5C2-3D5DC40B6C82}) (Version: 5.4.48.423 - Elcomsoft Co. Ltd.)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.)
AIM 7 (HKLM-x32\...\AIM_7) (Version:  - )
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMIP (remove only) (HKLM-x32\...\AMIP) (Version:  - )
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.15.0 - Asmedia Technology)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.1.2 - ASUSTeK Computer Inc.)
Atmosphere Deluxe v7.1 (HKLM-x32\...\Atmosphere Deluxe_is1) (Version:  - Vectormedia Software)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BDomsb 1.00 (HKLM-x32\...\BDomsb 1.00) (Version: 1.00 - olsystems)
BDwsb 1.00 (HKLM-x32\...\BDwsb 1.00) (Version: 1.00 - olsystems)
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Black & White® 2 Battle of the Gods (HKLM-x32\...\{10631C28-62E5-477C-9B40-40C5EA8219BE}) (Version: 1.00.0000 - Lionhead Studios)
BOINC (HKLM\...\{CFA4E1F2-090A-4335-A60B-98D8EC69E841}) (Version: 7.4.27 - Space Sciences Laboratory, U.C. Berkeley)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Brother HL-3040CN (HKLM-x32\...\{746CA010-936E-4224-A294-913394FD4214}) (Version: 1.00 - Brother)
Brother MFL-Pro Suite DCP-7010 (HKLM-x32\...\{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Bulletstorm (HKLM-x32\...\GFWL_{45410935-3E72-472B-8C35-AB1000008200}) (Version: 1.0.0000.130 - EA)
Bulletstorm (x32 Version: 1.0.0000.130 - EA) Hidden
BulletStorm (x32 Version: 1.0.0005.130 - EA) Hidden
Byu 1.00 (HKLM-x32\...\Byu 1.00) (Version: 1.00 - olsystems)
Cities in Motion (HKLM-x32\...\Steam App 73010) (Version:  - Colossal Order Ltd.)
Cities in Motion 2 (HKLM-x32\...\Steam App 225420) (Version:  - )
Cities XL 2012 (HKLM-x32\...\Cities XL 2012) (Version: 1.0.0 - Focus Home Interactive)
Cities XL 2012 Version 1.0 (HKLM-x32\...\{C01BF16B-6D37-4C45-BAF4-3D0350806411}_is1) (Version: 1.0 - Focus Home Interactive)
Combined Community Codec Pack 2013-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.04.20.0 - CCCP Project)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
CrystalDiskInfo 5.0.3 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.0.3 - Crystal Dew World)
CrystalDiskMark 3.0.2f (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World)
CVE-2012-1889 (HKLM\...\{06b2b7ed-809a-44e6-8538-ca0f5b74ecc4}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{29447369-6968-4e86-a208-603f6f0771a6}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{393ffabe-5a1a-43b3-8e03-8f573e1e0d01}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{7d32ab1f-1858-4373-a75a-b7cd8feb5d92}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{f300e352-12de-4e7f-ace3-a376874402b6}.sdb) (Version:  - )
CVE-2012-4969 (HKLM\...\{777afb2a-98e5-4f14-b455-378a925cae15}.sdb) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DB Donnerbuechsen 1.00 (HKLM-x32\...\DB Donnerbuechsen 1.00) (Version: 1.00 - olsystems)
DB D-ZUG Schlafwagen WLAB4uem 1.00 (HKLM-x32\...\DB D-ZUG Schlafwagen WLAB4uem 1.00) (Version: 1.00 - olsystems)
DBuz 1.00 (HKLM-x32\...\DBuz 1.00) (Version: 1.00 - olsystems)
DBv 1.00 (HKLM-x32\...\DBv 1.00) (Version: 1.00 - olsystems)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Space™ (HKLM-x32\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Die Völker 2 Gold (HKLM-x32\...\Gamedownload Die Völker 2 Gold) (Version: 1.0.0.0 - Gamedownload)
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 1.9.2.0 - DiskInternals Research)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Drakensang (High Texture Pack) (HKLM-x32\...\Drakensang_is1) (Version:  - dtp AG)
Dungeon Siege (HKLM-x32\...\Steam App 39190) (Version:  - Gas Powered Games)
Dungeon Siege 2 (HKLM-x32\...\Steam App 39200) (Version:  - Gas Powered Games)
Dungeon Siege III (HKLM-x32\...\Steam App 39160) (Version:  - Obsidian Entertainment)
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 4.8.1 - CM&V)
DVBViewer TE2 (HKLM-x32\...\DVBViewer TE2_is1) (Version:  - CM&V)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDFab 8.2.1.3 (28/09/2012) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
Dwarfs!? (HKLM-x32\...\Steam App 35480) (Version:  - Power of 2)
Earth 2160 (HKLM-x32\...\Earth 2160) (Version: 1.3.8.0 - Topware Interactive AG)
EF CheckSum Manager (HKLM\...\EF CheckSum Manager) (Version:  - EFSoftware)
Elite Dangerous Launcher version 0.4.1844.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.1844.0 - Frontier Developments)
ElsterFormular (HKLM-x32\...\ElsterFormular 13.2.0.8623p) (Version: 13.2.0.8623p - Landesfinanzdirektion Thüringen)
Empire Earth Gold Edition (HKLM-x32\...\Gamedownload Empire Earth Gold Edition) (Version: 1.0.0.0 - Gamedownload)
Empire Earth II Gold Edition (HKLM-x32\...\Gamedownload Empire Earth II Gold Edition) (Version: 1.0.0.0 - Gamedownload)
Endless Space (HKLM-x32\...\Endless Space_is1) (Version:  - )
Eraser (HKLM-x32\...\Eraser) (Version:  - Heidi Computers Ltd.)
Eraser (x32 Version: 5.86 - Heidi Computers Ltd.) Hidden
e-Saver version 3.1 (HKLM-x32\...\{C97CA73D-E96B-4B42-830E-D0F7BD780FB8}_is1) (Version: 3.1 - AOC)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EveMeepV3 (HKLM-x32\...\{52F7EC17-C7D9-4254-BBC5-404A67844ED1}) (Version: 1.0.2 - Evemeep)
EVEMon (HKLM-x32\...\EVEMon) (Version: 1.8.3.4116 - battleclinic.com)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
Ext2Fsd 0.51 (HKLM\...\Ext2Fsd_is1) (Version: 0.51 - Matt Wu)
FAHClient (HKLM-x32\...\FAHClient) (Version: 7.4.4 - Stanford University)
FileZilla Client 3.10.0 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0 - Tim Kosse)
Folding@home-gpu (HKLM-x32\...\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}) (Version: 6.23 - Folding@home)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
From Dust (HKLM-x32\...\Steam App 33460) (Version:  - Ubisoft Montpellier)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Futuremark SystemInfo (HKLM-x32\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark)
gamelauncher-ps2-psg (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\SOE-Y:/PlanetSide 2) (Version:  - Sony Online Entertainment)
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
German Wagon Pack 1.00 (HKLM-x32\...\German Wagon Pack 1.00) (Version: 1.00 - olsystems)
GIANTS Editor 5.0.1 (HKLM-x32\...\giants_editor_5.0.1_is1) (Version: 5.0.1 - GIANTS Software GmbH)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Guild 2 King's Edition (HKLM-x32\...\{378BA9B5-DB6C-41DB-BE93-86CD198A8A9E}) (Version: 1.0.0 - JoWood)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ICE 1 Redesign 1.00 (HKLM-x32\...\ICE 1 Redesign 1.00) (Version: 1.00 - olsystems)
ICE 2 1.00 (HKLM-x32\...\ICE 2 1.00) (Version: 1.00 - olsystems)
ICE 3M 1.00 (HKLM-x32\...\ICE 3M 1.00) (Version: 1.00 - olsystems)
ICE T 1.00 (HKLM-x32\...\ICE T 1.00) (Version: 1.00 - olsystems)
ICQ 8.2 (build 6901) (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\ICQ) (Version: 8.2.6901.0 - ICQ)
iDeer Blu-ray Player (HKLM-x32\...\iDeer Blu-ray Player) (Version: 1.6.1.1750 - iDeerApp Software Inc.)
IndustrieGigant 2 - Gold Edition (HKLM-x32\...\{6910C412-A523-493C-BC22-0213CD7F4F3A}) (Version: 1.0.0 - JoWooD Productions Software AG)
IndustrieGigant 2 (HKLM-x32\...\{8FA7E81D-6D99-4788-8BE4-D898B346AB2E}) (Version: 1.1.0.0 - JoWooD Productions Software AG)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{B1E50355-2437-40B0-A016-67B7490FC93E}) (Version: 2.10.0.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
KVIrc (HKLM-x32\...\KVIrc) (Version:  - Szymon Stefanek and The KVIrc Development Team)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.2.0.0 - GIANTS Software)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Loksim3D (HKLM\...\Loksim3D_is1) (Version: 2.9.1 - Loksim3D)
Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version:  - Hanako Games)
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version:  - )
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mini Metro (HKLM-x32\...\Steam App 287980) (Version:  - Dinosaur Polo Club)
Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version:  - LucasArts)
Mountain (HKLM-x32\...\Steam App 313340) (Version:  - David OReilly)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 15.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 15.0.1 (x86 de)) (Version: 15.0.1 - Mozilla)
Mozilla Firefox 35.0.1 (x86 de) (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
MPC-HC 1.6.7.7114 (9eb64ec) (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.7.7114 - MPC-HC Team)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 11 DiscSpeed (HKLM-x32\...\{B8B03F99-F600-4D96-ADBD-2F384240FB9C}) (Version: 11.0.00400 - Nero AG)
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{B3DC5C38-EAE3-4003-B6A7-DEF127E9A9AB}) (Version: 12.0.01100 - Nero AG)
NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software s.r.o.)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Newshosting (HKLM\...\{FE76A200-134E-48EC-8E90-3C124F16BC7F}) (Version: 1.6.1 - Newshosting)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.4 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
ÖBB Railjet 1.00 (HKLM-x32\...\ÖBB Railjet 1.00) (Version: 1.00 - olsystems)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
Parallels runtime modules (x32 Version: 1.00.0000 - Parallels) Hidden
Patch v2.2 (HKLM-x32\...\{74A84478-70A5-4F7A-966C-FA2771FF91A5}_is1) (Version:  - RUNEFORGE Games Studios)
Patch v4.17b Update (HKLM-x32\...\{THEGUILDREN-0010-2010-300520102330}_is1) (Version:  - RUNEFORGE Games Studios)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
Patrician IV: Rise of a Dynasty (HKLM-x32\...\Steam App 57730) (Version:  - )
Patrician IV: Steam Special Edition (HKLM-x32\...\Steam App 57620) (Version:  - )
Patrizier 4 - Patch 1.1.1 (HKLM-x32\...\{5C9D5D8C-9245-45B4-B017-0AD03DA2EEAA}_is1) (Version:  - Kalypso Media)
Patrizier 4 (HKLM-x32\...\{25B473C3-2C62-482B-858F-94ED76880F79}) (Version: 1.0.0 - Kalypso Media)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version:  - )
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Pro Train 29 - Schwarzwaldbahn 1972 Deluxe 1.0  (HKLM-x32\...\Pro Train 29 - Schwarzwaldbahn 1972 Deluxe) (Version: 1.0 - Halycon Media)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
ProTrain  BR 106 1.0 (HKLM-x32\...\ProTrain  BR 106 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 13 Hamburg - Westerland 1.0 (HKLM-x32\...\ProTrain 13 Hamburg - Westerland 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 16 Schwarzwaldromantik 1.0 (HKLM-x32\...\ProTrain 16 Schwarzwaldromantik 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 18 Hamburg-Berlin 1.0 (HKLM-x32\...\ProTrain 18 Hamburg-Berlin 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 19 Berlin-Rostock 1.0 (HKLM-x32\...\ProTrain 19 Berlin-Rostock 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 21 Kiel-Flensburg 1.0 (HKLM-x32\...\ProTrain 21 Kiel-Flensburg 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 22 Erfurt - Suhl 1.0 (HKLM-x32\...\ProTrain 22 Erfurt - Suhl 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0 (HKLM-x32\...\ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 26 "Die schwäbische Eisenbahn" 1.0 (HKLM-x32\...\ProTrain 26 "Die schwäbische Eisenbahn" 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 33 Frankfurt-Cottbus 1.0 (HKLM-x32\...\ProTrain 33 Frankfurt-Cottbus 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 36 1.0 (HKLM-x32\...\ProTrain 36 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 7 - Frankfurt-Nürnberg 1.0 (HKLM-x32\...\ProTrain 7 - Frankfurt-Nürnberg 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 7 "Spessartrampe" Update auf Version 1.2 1.2 (HKLM-x32\...\ProTrain 7 "Spessartrampe" Update auf Version 1.2 1.2) (Version: 1.2 - Blue Sky Interactive)
ProTrain 8 - Update auf Version 1.1 1.1 (HKLM-x32\...\ProTrain 8 - Update auf Version 1.1 1.1) (Version: 1.1 - Blue Sky Interactive)
ProTrain Extra 1.0 (HKLM-x32\...\ProTrain Extra 1.0) (Version: 1.0 - )
ProTrain Extra 2 1.0 (HKLM-x32\...\ProTrain Extra 2 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 3 1.0 (HKLM-x32\...\ProTrain Extra 3 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 4 1.0 (HKLM-x32\...\ProTrain Extra 4 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 5 1.0 (HKLM-x32\...\ProTrain Extra 5 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 6 1.0 (HKLM-x32\...\ProTrain Extra 6 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 6 Update 1.01 1.01 (HKLM-x32\...\ProTrain Extra 6 Update 1.01 1.01) (Version: 1.01 - Blue Sky Interactive)
ProTrain Extra 7 1.0 (HKLM-x32\...\ProTrain Extra 7 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 8 1.0 (HKLM-x32\...\ProTrain Extra 8 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 9 1.0 (HKLM-x32\...\ProTrain Extra 9 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Karwendelbahn Aufgabenpaket 1 1.0 (HKLM-x32\...\ProTrain Karwendelbahn Aufgabenpaket 1 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - 3D Schienen - (HKLM-x32\...\{F3ADFC12-6BCB-42B0-A44C-0745F8AD99FA}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Aufgabenpack 1 - (HKLM-x32\...\{3BBAF8F6-D11A-4B20-9E42-80AE7AD6CD72}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Aufgabenpack 2 - (HKLM-x32\...\{EF497532-E79C-4BFA-8D44-3E4125D4B4F7}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Leipzig - Saalfeld  - (HKLM-x32\...\{7DB1D6CD-9CEA-487C-930F-59DDB2B989FB}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Nürnberg - Saalfeld - (HKLM-x32\...\{1FE4482C-E7EC-4A88-B3EE-AC13054E789E}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 (HKLM-x32\...\AuranTS2009_ptp2_is1) (Version:  - Auran)
ProTrain Perfect Addon 3 - Leipzig - Berlin  - (HKLM-x32\...\{2CE81076-F837-40F0-B8C4-4CA8A9B3D2E3}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect Addon 5 - Fulda - Würzburg  - (HKLM-x32\...\{CC82B97C-6937-4170-9F3A-7FF8959D686B}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Vogelfluglinie Activitiepack 1 1.0 (HKLM-x32\...\ProTrain Vogelfluglinie Activitiepack 1 1.0) (Version: 1.0 - Blue Sky Interactive)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
RailTraction Sahlmmps 1.00 (HKLM-x32\...\RailTraction Sahlmmps 1.00) (Version: 1.00 - olsystems)
Railtraction Sdggmrss 1.00 (HKLM-x32\...\Railtraction Sdggmrss 1.00) (Version: 1.00 - olsystems)
Railtraction Uacns 1.00 (HKLM-x32\...\Railtraction Uacns 1.00) (Version: 1.00 - olsystems)
Railworks 3 Train Simulator 2012 Deluxe (HKLM-x32\...\Railworks 3 Train Simulator 2012 Deluxe_is1) (Version:  - )
Railworks Plus Pack Vol.2 1.11 (HKLM-x32\...\Railworks Plus Pack Vol.2 1.11) (Version: 1.11 - olsystems)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer DeathAdder(TM) Mouse (HKLM-x32\...\{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}) (Version: 3.03 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (HKLM-x32\...\RivaTuner) (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
RW0381 Arkbimbz 1.0 (HKLM-x32\...\RW0381 Arkbimbz 1.0) (Version: 1.0 - trainsimblog.tk)
RX-SSTV Version 1.3.1 (HKLM-x32\...\RX-SSTV_is1) (Version:  - ON6MU)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Sins of a Solar Empire - Trinity (HKLM-x32\...\Sins of a Solar Empire - Trinity) (Version: 1.00 - Stardock Entertainment, Inc.)
Sins of a Solar Empire - Trinity (x32 Version: 1.00 - Stardock Entertainment, Inc.) Hidden
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
Staedteexpress 1.00 (HKLM-x32\...\Staedteexpress 1.00) (Version: 1.00 - olsystems)
Star Conflict Launcher 1.0.1.17 (HKLM-x32\...\StarConflictLauncher_is1) (Version:  - )
Star Ruler (HKLM-x32\...\StarRuler) (Version:  - )
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)
Stellar Impact (HKLM-x32\...\Steam App 207150) (Version:  - Tindalos Interactive)
StreamTransport version: 1.1.4.0 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Stronghold 2 (HKLM-x32\...\Steam App 40960) (Version:  - FireFly Studios)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version:  - FireFly Studios)
SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013. (HKLM-x32\...\{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1) (Version: +Recorder.2013.55 - eRightSoft)
SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51 (HKLM-x32\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2012.build.51 - eRightSoft)
SUPER © v2012.build.52 (July 7, 2012) Version v2012.build.52 (HKLM-x32\...\{8F311E2E-C275-4CF0-8154-B63991832668}_is1) (Version: v2012.build.52 - eRightSoft)
SUPER © Version 2008.bld.33 (Sep 2, 2008) (HKLM-x32\...\SUPER ©) (Version: Version 2008.bld.33 (Sep 2, 2008) - eRightSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TechniSat DVB-PC TV Star (HKLM-x32\...\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}) (Version: 4.3.3 - TechniSat)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Softworks)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version:  - LucasArts)
The Settlers: Kingdoms of Anteria (HKLM-x32\...\SKoA) (Version:  - Ubisoft GmbH)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - )
Train Simulator 2015 GE Update 7 1.02 (HKLM-x32\...\Train Simulator 2015 GE Update 7 1.02) (Version: 1.02 - olsystems)
Train Simulator 2015 GE Update 8 1.07 (HKLM-x32\...\Train Simulator 2015 GE Update 8 1.07) (Version: 1.07 - olsystems)
Triebwagen 1.00 (HKLM-x32\...\Triebwagen 1.00) (Version: 1.00 - olsystems)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
TS2015 GE Wagen Upgrade Pack 1.00 (HKLM-x32\...\TS2015 GE Wagen Upgrade Pack 1.00) (Version: 1.00 - olsystems)
TTB Szenario Pack Munich-Augsburg 1.00 (HKLM-x32\...\TTB Szenario Pack Munich-Augsburg 1.00) (Version: 1.00 - olsystems)
TTB Szenario Pack Vol.1 Berlin Wittenberg 1.06 (HKLM-x32\...\TTB Szenario Pack Vol.1 Berlin Wittenberg 1.06) (Version: 1.06 - olsystems)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Viscera Cleanup Detail - ALPHA (HKLM\...\UDK-ff8f3672-fcac-403e-ad9b-9b9585a6dcdf) (Version:  - RuneStorm)
Vizzart BR112 1.00 (HKLM-x32\...\Vizzart BR112 1.00) (Version: 1.00 - olsystems)
Vizzart BR112 Update 1.1 1.00 (HKLM-x32\...\Vizzart BR112 Update 1.1 1.00) (Version: 1.00 - olsystems)
Vizzart BR429 1.00 (HKLM-x32\...\Vizzart BR429 1.00) (Version: 1.00 - olsystems)
Vizzart IC Steuerwagen Rot 1.00 (HKLM-x32\...\Vizzart IC Steuerwagen Rot 1.00) (Version: 1.00 - olsystems)
Vizzart IC Steuerwagen Weiß 1.00 (HKLM-x32\...\Vizzart IC Steuerwagen Weiß 1.00) (Version: 1.00 - olsystems)
Vizzart Metropolitan 1.00 (HKLM-x32\...\Vizzart Metropolitan 1.00) (Version: 1.00 - olsystems)
Vizzart Regioshuttle 1.00 (HKLM-x32\...\Vizzart Regioshuttle 1.00) (Version: 1.00 - olsystems)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VR DB IC Wagen 1.00 (HKLM-x32\...\VR DB IC Wagen 1.00) (Version: 1.00 - olsystems)
VR DB Reisezugwagen Epoche III IV 1.00 (HKLM-x32\...\VR DB Reisezugwagen Epoche III IV 1.00) (Version: 1.00 - olsystems)
VR DB Schnellzugwagen Epoche 4 1.00 (HKLM-x32\...\VR DB Schnellzugwagen Epoche 4 1.00) (Version: 1.00 - olsystems)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - )
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WebTemp 3.38-pre12 (kostenlose Version) (HKLM-x32\...\WebTemp_is1) (Version:  - hxxp://www.webtemp.org)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Support Tools (HKLM-x32\...\{F07F0BCD-5C6D-4499-9F05-6ED747078A72}) (Version: 5.2.3790.3959 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinHTTrack Website Copier 3.45-4 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.45.4 - HTTrack)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinRK 3.1.2 (win64) (HKLM\...\WinRK) (Version: 3.1.2 (win64) - M Software Ltd.)
WinUAE 2.5.1 (HKLM-x32\...\WinUAE) (Version: 2.5.1 - Arabuusimiehet)
World of Tanks v.0.7.1 (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version:  - Wargaming.net)
X Rebirth (HKLM-x32\...\Steam App 2870) (Version:  - Egosoft)
X3 Albion Prelude Bonuspaket 5.1.0.0 (HKLM-x32\...\X3AP Bonus Pack_is1) (Version: 5.1.0.0 - Egosoft)
X3 Terran Conflict v3.2 (HKLM-x32\...\X3TerranConflict_is1) (Version:  - EGOSOFT)
X3: Albion Prelude (HKLM-x32\...\Steam App 201310) (Version:  - Egosoft)
X3: Terran Conflict (HKLM-x32\...\Steam App 2820) (Version:  - Egosoft)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - )
YDKJ Collection (HKLM-x32\...\{ED28CD78-02BC-4014-A548-EFFB9A0673D0}) (Version: 1.00.0000 - DocStrange)
YOU DON'T KNOW JACK Vol. 1 XL (HKLM-x32\...\Steam App 252730) (Version:  - )
YOU DON'T KNOW JACK Vol. 2 (HKLM-x32\...\Steam App 259940) (Version:  - )
YOU DON'T KNOW JACK Vol. 3 (HKLM-x32\...\Steam App 259960) (Version:  - )
YOU DON'T KNOW JACK Vol. 4 The Ride (HKLM-x32\...\Steam App 259980) (Version:  - )
Zusi 3.0.4 (Demo) (HKLM-x32\...\www.zusi.de/zusi3/demo_is1) (Version: 3 - Carsten Hölscher)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-08-13 18:06 - 00002435 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 *.ligatus.com
127.0.0.1 ligatus.com
127.0.0.1 activate.adobe.com      
127.0.0.1 practivate.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 activate.adobe.com:443
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com

There are 23 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1B40CDDC-619C-4E46-A64F-357D650D2028} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe
Task: {29804085-39FA-4778-8210-8EC4BFB7AFD3} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe
Task: {42BBF2C8-4E76-4474-8D04-B3C5ACE0EFF1} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {65DE70E5-7877-426C-8EE0-CC34B6A0CD9F} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {C39387F7-1DB9-4A45-8B62-D0C143A149C4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)
Task: {D03CE815-F8F9-4C8A-B289-CAA4868D7056} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-08-11 21:27 - 2014-08-11 21:27 - 00112640 _____ () C:\AMD\amdacpusrsvc.exe
2012-09-08 14:18 - 2011-03-21 15:19 - 00053248 _____ () X:\NetLimiter 3\nlsvcPS.dll
2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () X:\FileZilla\fzshellext_64.dll
2012-09-08 14:22 - 2011-05-28 21:05 - 00164864 _____ () X:\WinRAR\rarext.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () E:\Unlocker\UnlockerCOM.dll
2012-09-08 14:18 - 2011-03-21 10:06 - 00248320 _____ () X:\Razer\DeathAdder\razerhid.exe
2012-09-08 14:18 - 2010-04-27 13:41 - 00218112 _____ () X:\Razer\DeathAdder\razertra.exe
2012-09-08 14:17 - 2008-02-02 17:11 - 00228352 _____ () X:\DVBViewer\Scheduler.exe
2012-09-08 14:18 - 2011-04-14 10:48 - 01758208 _____ () X:\Razer\DeathAdder\vdDaemon.exe
2014-12-06 08:03 - 2014-12-06 08:03 - 00565760 _____ () E:\MSI Afterburner\MSIAfterburner.exe
2014-07-30 10:38 - 2014-07-30 10:38 - 00121363 _____ () X:\VideoLAN\VLC\libvlc.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 02524691 _____ () X:\VideoLAN\VLC\libvlccore.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00713235 _____ () X:\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00031251 _____ () X:\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00034323 _____ () X:\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 12501523 _____ () X:\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 01470995 _____ () X:\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00070163 _____ () X:\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 02376211 _____ () X:\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00106515 _____ () X:\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00263699 _____ () X:\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00080915 _____ () X:\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00051219 _____ () X:\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00063507 _____ () X:\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00608275 _____ () X:\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 01022995 _____ () X:\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00125459 _____ () X:\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00043539 _____ () X:\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017427 _____ () X:\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00140307 _____ () X:\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 02218003 _____ () X:\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00318995 _____ () X:\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00058387 _____ () X:\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00043027 _____ () X:\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00091667 _____ () X:\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00341011 _____ () X:\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00021523 _____ () X:\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 01505811 _____ () X:\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00330771 _____ () X:\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00417811 _____ () X:\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00230931 _____ () X:\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00029715 _____ () X:\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00019475 _____ () X:\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 01745427 _____ () X:\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00192019 _____ () X:\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00025619 _____ () X:\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00833555 _____ () X:\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00022035 _____ () X:\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00031763 _____ () X:\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00218643 _____ () X:\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 11244051 _____ () X:\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00857107 _____ () X:\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00040467 _____ () X:\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00028179 _____ () X:\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00701459 _____ () X:\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00121875 _____ () X:\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00032787 _____ () X:\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00024083 _____ () X:\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00057363 _____ () X:\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00019475 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00038419 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00024083 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00027667 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00018451 _____ () X:\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00018451 _____ () X:\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017427 _____ () X:\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017427 _____ () X:\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00023059 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00057875 _____ () X:\VideoLAN\VLC\plugins\video_output\libdirect2d_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00139795 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00186387 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00081939 _____ () X:\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 01506835 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00025619 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00016915 _____ () X:\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017939 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017939 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00017427 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00018963 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00029715 _____ () X:\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2014-07-30 10:38 - 2014-07-30 10:38 - 00274963 _____ () X:\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll
2012-05-30 18:11 - 2012-05-30 18:11 - 00176128 _____ () C:\Program Files (x86)\AIM\nssckbi.dll
2013-05-06 08:06 - 2013-04-19 19:55 - 01452774 _____ () X:\Combined Community Codec Pack\Filters\LAVFilters\avformat-lav-55.dll
2013-05-06 08:06 - 2013-04-19 19:55 - 07908169 _____ () X:\Combined Community Codec Pack\Filters\LAVFilters\avcodec-lav-55.dll
2013-05-06 08:06 - 2013-04-19 19:55 - 00451775 _____ () X:\Combined Community Codec Pack\Filters\LAVFilters\avutil-lav-52.dll
2013-05-06 08:06 - 2013-04-19 20:07 - 00184832 _____ () X:\Combined Community Codec Pack\Filters\LAVFilters\libbluray.dll
2013-06-24 18:25 - 2006-03-09 23:00 - 00195584 __RSH () C:\Windows\SysWow64\MatroskaDX.ax
2013-05-06 08:06 - 2013-04-19 19:55 - 00236581 _____ () X:\Combined Community Codec Pack\Filters\LAVFilters\avresample-lav-1.dll
2011-11-20 13:49 - 2006-09-12 11:46 - 00227328 ____N () C:\Windows\SysWow64\ac3DX.ax
2014-01-01 14:56 - 2014-01-01 14:56 - 00857944 _____ () C:\Users\****\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2012-09-08 14:16 - 2012-04-04 06:53 - 02894240 _____ () X:\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2012-09-08 14:15 - 2012-04-04 06:54 - 01446400 _____ () X:\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2012-09-08 14:15 - 2012-04-04 06:54 - 00105984 _____ () X:\Adobe\Acrobat 10.0\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU
2014-08-28 22:01 - 2014-12-01 22:31 - 02396672 _____ () Z:\Steam\libavcodec-56.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00442880 _____ () Z:\Steam\libavutil-54.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00479744 _____ () Z:\Steam\libavformat-56.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00332800 _____ () Z:\Steam\libavresample-2.dll
2014-05-25 21:51 - 2014-11-11 19:47 - 00774656 _____ () Z:\Steam\SDL2.dll
2015-01-19 23:32 - 2014-12-02 01:29 - 05002752 _____ () Z:\Steam\v8.dll
2015-01-19 23:32 - 2014-12-02 01:29 - 01612800 _____ () Z:\Steam\icui18n.dll
2015-01-19 23:32 - 2014-12-02 01:29 - 01210368 _____ () Z:\Steam\icuuc.dll
2014-05-25 21:51 - 2015-01-23 23:34 - 02227904 _____ () Z:\Steam\video.dll
2014-08-28 22:01 - 2014-12-01 22:31 - 00485888 _____ () Z:\Steam\libswscale-3.dll
2014-05-25 21:53 - 2015-01-23 23:33 - 00696512 _____ () Z:\Steam\bin\chromehtml.DLL
2014-05-25 21:53 - 2015-01-16 00:42 - 34641288 _____ () Z:\Steam\bin\libcef.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00071680 _____ () E:\MSI Afterburner\RTMUI.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00056832 _____ () E:\MSI Afterburner\RTFC.dll
2014-12-06 08:02 - 2014-12-06 08:02 - 00217600 _____ () E:\MSI Afterburner\RTCore.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00353792 _____ () E:\MSI Afterburner\RTUI.dll
2014-12-06 08:02 - 2014-12-06 08:02 - 00649216 _____ () E:\MSI Afterburner\RTHAL.dll
2014-08-14 18:48 - 2015-01-16 00:42 - 01709960 _____ () Z:\Steam\bin\ffmpegsumo.dll
2008-08-02 21:14 - 2008-03-14 23:52 - 00012288 _____ () E:\mIRC1\script\dlls\dmu.dll
2008-08-02 21:14 - 2008-03-14 23:52 - 00018944 _____ () E:\mIRC1\script\dlls\mdock61.dll
2015-01-26 16:32 - 2015-01-26 16:33 - 03925104 _____ () E:\Firefox\mozjs.dll
2015-01-26 14:37 - 2015-01-26 14:37 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3438649541-831985882-319497044-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3438649541-831985882-319497044-501 - Limited - Enabled)
**** (S-1-5-21-3438649541-831985882-319497044-1000 - Administrator - Enabled) => C:\Users\****
HomeGroupUser$ (S-1-5-21-3438649541-831985882-319497044-1006 - Limited - Enabled)
Netzwerkgast (S-1-5-21-3438649541-831985882-319497044-1007 - Limited - Disabled)
RettungsAdmin (S-1-5-21-3438649541-831985882-319497044-1008 - Administrator - Enabled) => C:\Users\RettungsAdmin

==================== Faulty Device Manager Devices =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Parallels Networking Driver
Description: Parallels Networking Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: prl_net
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2015 03:35:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 03:33:34 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/25/2015 03:01:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 02:59:47 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/25/2015 02:53:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x9ec
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/24/2015 11:50:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 11:48:19 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/24/2015 02:22:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x1a9c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/24/2015 01:58:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x1be0
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/24/2015 01:14:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0xc38
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3


System errors:
=============
Error: (01/25/2015 03:33:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ArcCtrl

Error: (01/25/2015 03:33:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/25/2015 03:33:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallels Networking Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/25/2015 02:59:53 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ArcCtrl

Error: (01/25/2015 02:59:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/25/2015 02:59:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallels Networking Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/24/2015 11:48:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ArcCtrl

Error: (01/24/2015 11:48:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/24/2015 11:48:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallels Networking Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/24/2015 11:45:52 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "DHCP-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056


Microsoft Office Sessions:
=========================
Error: (01/25/2015 03:35:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 03:33:34 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/25/2015 03:01:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 02:59:47 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/25/2015 02:53:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d9ec01d038309cba4ef8X:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dlled31fa1d-a434-11e4-9918-c85378db6a63

Error: (01/24/2015 11:50:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 11:48:19 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/24/2015 02:22:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d1a9c01d03771006477a4X:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll7aa2cbd5-a367-11e4-8112-fc6c92f2dc62

Error: (01/24/2015 01:58:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d1be001d0376d415079b6X:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll0b77c122-a364-11e4-8112-fc6c92f2dc62

Error: (01/24/2015 01:14:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5dc3801d037546e7e27d0X:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dlle4b6d5d1-a35d-11e4-8112-fc6c92f2dc62


CodeIntegrity Errors:
===================================
  Date: 2014-11-08 22:33:11.184
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-08 22:33:11.153
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.685
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.629
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.441
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.384
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.202
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.149
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:16.874
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:16.820
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 29%
Total physical RAM: 16332.44 MB
Available physical RAM: 11515.93 MB
Total Pagefile: 20426.63 MB
Available Pagefile: 15355.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:167.06 GB) NTFS
Drive d: (TempDaten) (Fixed) (Total:60 GB) (Free:49.39 GB) NTFS
Drive e: (GAMES) (Fixed) (Total:100.01 GB) (Free:19.79 GB) NTFS
Drive f: (DATEN) (Fixed) (Total:100.01 GB) (Free:31.86 GB) NTFS
Drive g: (INTERNET) (Fixed) (Total:100.01 GB) (Free:16.18 GB) NTFS
Drive m: (Media) (Fixed) (Total:863.01 GB) (Free:87.44 GB) NTFS
Drive v: (Sicherung_VMs) (Fixed) (Total:863.01 GB) (Free:570.86 GB) NTFS
Drive w: (BACKUP) (Fixed) (Total:105.74 GB) (Free:57.43 GB) NTFS
Drive x: (Programme) (Fixed) (Total:55.9 GB) (Free:29.82 GB) NTFS
Drive y: (Image) (Fixed) (Total:1000 GB) (Free:495.68 GB) NTFS
Drive z: (Netzwerk) (Fixed) (Total:1000 GB) (Free:527.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0B0EDB72)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 14563881)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 863DB41E)
Partition 1: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=305.7 GB) - (Type=OF Extended)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BF2A384C)
Partition 1: (Not Active) - (Size=1000 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2F865633)
Partition 1: (Not Active) - (Size=1000 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=863 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

The Firefox proxy settings are back to what I set myself

26.01.2015, 23:31   #11
Bootsektor
Rest in peace
† 2019
 



Hello,

Quote:
U3 aoiw46bs; C:\Windows\System32\Drivers\aoiw46bs.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
this one is very likely part of your emulation software; would you please run defogger once and create a new FRST log?

Step 12
Please download defogger by jpshortstuff to your desktop.
  • Start the tool with a double-click.
  • Now click the Disable button to disable the drivers of certain emulators.
  • Defogger will ask you "Defogger will forcefully terminate and disable all CD Emulator related drivers and processes... Continue?"; confirm this security prompt with Yes.
  • When the scan has finished (Finished), click OK.
  • Defogger may prompt you to restart. Confirm this with OK.
  • Defogger creates a log file named defogger_disable.log on the desktop. Post its contents with your next reply.
Do not click the Re-enable button unless instructed to!

27.01.2015, 00:11   #12
fump
 



I do know where the file comes from (Daemontools), but OK

defogger

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 00:34 on 27/01/2015 (****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         
FRST

FRST.txt


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by **** (administrator) on SEBASTIAN on 27-01-2015 01:00:01
Running from C:\Users\****\Desktop
Loaded Profiles: **** (Available profiles: **** & RettungsAdmin & Administrator)
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\AMD\amdacpusrsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe
(Locktime Software) X:\NetLimiter 3\nlsvc.exe
(Skype Technologies) E:\Skype\Updater\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Locktime Software) X:\NetLimiter 3\NLClientApp.exe
(AOL Inc.) C:\Program Files (x86)\AIM\aim.exe
(ICQ) C:\Users\****\AppData\Roaming\ICQM\icq.exe
(Skype Technologies S.A.) E:\Skype\Phone\Skype.exe
(Microsoft Corporation) X:\Microsoft Office\OFFICE11\OUTLOOK.EXE
() X:\Razer\DeathAdder\razerhid.exe
() X:\DVBViewer\Scheduler.exe
(Acronis) X:\Acronis\TrueImageHome\TrueImageMonitor.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() X:\Razer\DeathAdder\razertra.exe
(Adobe Systems Incorporated) X:\Adobe\Reader 10.0\Reader\reader_sl.exe
(BitTorrent Inc.) X:\uTorrent\uTorrent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) X:\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Razer Inc.) X:\Razer\DeathAdder\razerofa.exe
() X:\Razer\DeathAdder\vdDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wsqmcons.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391296 2010-08-21] (Acronis)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DeathAdder] => X:\Razer\DeathAdder\razerhid.exe [248320 2011-03-21] ()
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [3695984 2011-03-25] (brother)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => X:\Acronis\TrueImageHome\TrueImageMonitor.exe [5493736 2010-08-21] (Acronis)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [NetLimiter] => X:\NetLimiter 3\NLClientApp.exe [2910208 2011-03-21] (Locktime Software)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [Aim] => C:\Program Files (x86)\AIM\aim.exe [4331392 2012-05-30] (AOL Inc.)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [ICQ] => C:\Users\****\AppData\Roaming\ICQM\icq.exe [33664344 2014-01-01] (ICQ)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Run: [Skype] => E:\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\MountPoints2: {67746dc0-f776-11e0-8f00-806e6f6e6963} - I:\autorun.exe
HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\MountPoints2: {da2275a3-f75f-11e0-861d-806e6f6e6963} - H:\auto.exe
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk
ShortcutTarget: Microsoft Office Outlook 2003.lnk -> C:\Windows\Installer\{90110407-6000-11D3-8CFE-0150048383C9}\outicon.exe ()
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Scheduler.exe - Verknüpfung.lnk
ShortcutTarget: Scheduler.exe - Verknüpfung.lnk -> X:\DVBViewer\Scheduler.exe ()
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\utorrent.lnk
ShortcutTarget: utorrent.lnk -> X:\uTorrent\uTorrent.exe (BitTorrent Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3438649541-831985882-319497044-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3438649541-831985882-319497044-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> X:\Java\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> X:\Java\bin\jp2ssv.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{5221C4C4-43C0-4140-BAA3-DCABF2A416D1}: [NameServer] 192.168.0.250

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786
FF Homepage: about:blank
FF NetworkProxy: "backup.ftp", "178.189.92.118"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "178.189.92.118"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "178.189.92.118"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "167.114.71.58"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "167.114.71.58"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "167.114.71.58"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "167.114.71.58"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> X:\Java\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> X:\Java\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> X:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Acrobat -> X:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> X:\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3438649541-831985882-319497044-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3438649541-831985882-319497044-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: DownloadHelper - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-01-24]
FF Extension: CanvasBlocker - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\CanvasBlocker@kkapsner.de.xpi [2015-01-24]
FF Extension: Classic Theme Restorer - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2015-01-24]
FF Extension: Ghostery - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\firefox@ghostery.com.xpi [2015-01-24]
FF Extension: NoScript - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-01-24]
FF Extension: Adblock Plus - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\4pow2126.default-1422113146786\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-24]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - X:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - X:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-09-08]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-04]
StartMenuInternet: FIREFOX.EXE - E:\Firefox\firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-08] (Adobe Systems) [File not signed]
R2 amdacpusrsvc; C:\AMD\amdacpusrsvc.exe [112640 2014-08-11] () [File not signed]
S3 DAUpdaterSvc; Y:\Steam_Games_Y\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-03-29] (BioWare)
S3 Futuremark SystemInfo Service; X:\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (Futuremark)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
R2 nlsvc; X:\NetLimiter 3\nlsvc.exe [1845248 2011-03-21] (Locktime Software) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4868640 2013-08-25] (INCA Internet Co., Ltd.)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-07] ()
R2 SkypeUpdate; E:\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2014-10-15] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [293088 2014-09-15] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
S3 cleanhlp; G:\BittorrendFiles\EEK\bin\cleanhlp64.sys [57024 2015-01-23] (Emsisoft GmbH)
S3 CrystalSysInfo; G:\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys [10240 2005-09-19] () [File not signed]
R3 DAdderFltr; C:\Windows\System32\drivers\dadder.sys [12032 2010-04-19] (Razer (Asia-Pacific) Pte Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-11-25] (Symantec Corporation)
R2 ei2c; C:\Windows\system32\drivers\ei2c.sys [20784 2013-08-08] (Nicomsoft Ltd.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-25] (Symantec Corporation)
S3 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [769816 2011-07-09] (www.ext2fsd.com)
S3 GPUZ; C:\Windows\TEMP\GPUZ.sys [27008 2014-08-01] ()
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\IPSDefs\20150126.001\IDSvia64.sys [668888 2015-01-21] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\VirusDefs\20150126.002\ENG64.SYS [129752 2014-11-15] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.6.0.32\Definitions\VirusDefs\20150126.002\EX64.SYS [2137304 2014-11-15] (Symantec Corporation)
R1 nltdi; X:\NetLimiter 3\nltdi.sys [88200 2011-03-21] (Locktime Software)
S3 RivaTuner64; X:\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2012-01-29] ()
R3 SKYNET; C:\Windows\System32\DRIVERS\SkyNET_AMD64.SYS [617048 2010-05-10] (TechniSat Digital, S.A.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-10-15] (Duplex Secure Ltd.)
R1 SRTSP; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-01-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
S3 tbwkern; C:\Windows\System32\DRIVERS\tbwkern.sys [32848 2011-06-13] () [File not signed]
U5 UnlockerDriver5; E:\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation)
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2014-08-13] (Microsoft Corporation)
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S2 ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys [X]
U2 ccEvtMgr; No ImagePath
U2 ccSetMgr; No ImagePath
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\E:\PC Wizard 2013\pcwiz_x64.sys [X]
U3 navapsvc; No ImagePath
S3 PRLVNIC; system32\DRIVERS\prl_vnic.sys [X]
S2 prl_net; system32\DRIVERS\prl_net.sys [X]
U3 SAVRT; No ImagePath
U1 SAVRTPEL; No ImagePath
U3 TlntSvr; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 01:00 - 2015-01-27 01:00 - 00021170 _____ () C:\Users\****\Desktop\FRST.txt
2015-01-27 00:34 - 2015-01-27 00:34 - 00000020 _____ () C:\Users\****\defogger_reenable
2015-01-26 23:54 - 2015-01-26 23:54 - 02129920 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2015-01-26 23:54 - 2015-01-26 23:54 - 00000000 ____D () C:\Users\****\Desktop\FRST-OlderVersion
2015-01-24 15:51 - 2015-01-24 16:25 - 00000000 ____D () C:\Users\****\Desktop\Alte Firefox-Daten
2015-01-24 15:18 - 2015-01-24 15:18 - 00000000 ___HD () C:\Windows\AxInstSV
2015-01-24 15:18 - 2015-01-24 15:18 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-23 20:45 - 2015-01-24 22:12 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-23 18:13 - 2015-01-23 18:13 - 00000676 _____ () C:\Users\****\Desktop\Start Emsisoft Emergency Kit.lnk
2015-01-23 13:49 - 2015-01-23 13:49 - 00000817 _____ () C:\Users\****\Desktop\µTorrent.lnk
2015-01-22 20:31 - 2015-01-22 20:31 - 00000000 ____D () C:\NPE
2015-01-22 19:09 - 2015-01-22 19:09 - 00000987 _____ () C:\Users\****\Desktop\JRT.txt
2015-01-22 19:07 - 2015-01-22 19:07 - 00000000 ____D () C:\Windows\ERUNT
2015-01-22 18:56 - 2015-01-24 23:20 - 00000000 ____D () C:\AdwCleaner
2015-01-22 18:46 - 2015-01-23 20:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-22 15:14 - 2015-01-22 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Guild 2 - Renaissance
2015-01-22 14:28 - 2015-01-27 01:00 - 00000000 ____D () C:\FRST
2015-01-22 13:36 - 2015-01-22 13:42 - 00000000 ____D () C:\Users\****\AppData\Local\Mozilla
2015-01-22 13:32 - 2015-01-22 13:34 - 00000000 ____D () C:\Users\****\AppData\Roaming\Mozilla
2015-01-22 10:53 - 2015-01-22 10:53 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-22 03:05 - 2015-01-22 03:05 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2015-01-22 03:00 - 2015-01-22 03:00 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-01-22 03:00 - 2015-01-22 03:00 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-01-22 03:00 - 2015-01-22 03:00 - 00002469 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2015-01-22 03:00 - 2015-01-22 03:00 - 00002469 _____ () C:\ProgramData\Desktop\Norton AntiVirus.lnk
2015-01-22 02:59 - 2015-01-22 03:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2015-01-22 02:59 - 2015-01-22 02:59 - 00000000 ____D () C:\Program Files (x86)\Norton AntiVirus
2015-01-22 02:45 - 2015-01-22 02:45 - 00000000 ____D () C:\Users\****\AppData\Local\updates
2015-01-22 02:45 - 2015-01-22 02:45 - 00000000 ____D () C:\Users\****\AppData\Local\Firefox
2015-01-22 02:24 - 2015-01-22 02:24 - 00000000 ____D () C:\Users\RettungsAdmin\AppData\Roaming\Acronis
2015-01-13 19:04 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 19:04 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 19:04 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 19:04 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 19:04 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 19:04 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 19:04 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 19:04 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 19:04 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 19:04 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 19:04 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 19:04 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 19:04 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 19:04 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-13 19:04 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-13 18:44 - 2015-01-13 18:44 - 00289914 ____N () C:\Windows\Minidump\011315-24086-01.dmp
2015-01-13 17:37 - 2014-11-03 20:37 - 00797456 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2015-01-13 17:37 - 2014-11-03 20:37 - 00387344 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2015-01-13 01:37 - 2015-01-13 01:37 - 00000000 ____D () C:\Users\****\AppData\Roaming\RenPy
2015-01-11 00:52 - 2015-01-11 00:52 - 00000000 ____D () C:\Users\****\AppData\Roaming\Frontier Developments
2015-01-11 00:52 - 2015-01-11 00:52 - 00000000 ____D () C:\Users\****\AppData\Local\Frontier Developments
2015-01-10 22:17 - 2015-01-10 22:17 - 06388344 _____ (Tim Kosse) C:\Users\****\Downloads\FileZilla_3.10.0_win32-setup.exe
2015-01-10 14:41 - 2015-01-10 14:41 - 00000000 ____D () C:\Users\****\AppData\Local\Frontier_Developments
2015-01-10 14:40 - 2015-01-10 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elite Dangerous
2015-01-07 21:16 - 2015-01-07 21:16 - 00000835 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2015-01-07 21:15 - 2015-01-07 21:15 - 00000000 ____D () C:\Users\****\AppData\Local\gtk-2.0
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\RettungsAdmin\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\****\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000390 _____ () C:\Users\Administrator\Desktop\DiskInternals Research.lnk
2015-01-07 20:40 - 2015-01-07 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-01-03 14:16 - 2015-01-13 18:51 - 00001275 _____ () C:\Users\****\Desktop\NAS 540.lnk
2014-12-30 17:03 - 2014-12-30 17:03 - 00000000 ____D () C:\Program Files (x86)\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 00:59 - 2014-08-12 17:14 - 00016346 _____ () C:\Windows\setupact.log
2015-01-27 00:59 - 2011-10-16 01:24 - 00000105 _____ () C:\Windows\Brownie.ini
2015-01-27 00:59 - 2011-10-15 22:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Skype
2015-01-27 00:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-27 00:58 - 2014-07-22 14:38 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-01-27 00:58 - 2011-10-15 20:07 - 02009485 _____ () C:\Windows\WindowsUpdate.log
2015-01-27 00:58 - 2009-07-14 05:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-27 00:58 - 2009-07-14 05:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-27 00:55 - 2012-11-22 07:20 - 00000000 ____D () C:\Users\****\AppData\Local\CrashDumps
2015-01-27 00:55 - 2011-10-17 19:15 - 00000000 ____D () C:\Users\****\AppData\Roaming\vlc
2015-01-27 00:34 - 2011-10-15 20:05 - 00000000 ____D () C:\Users\****
2015-01-27 00:28 - 2013-05-15 12:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-26 14:37 - 2013-05-15 12:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-26 14:37 - 2012-03-28 20:41 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-26 14:37 - 2011-10-16 00:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-26 14:36 - 2014-08-15 11:58 - 00000000 ____D () C:\Users\****\AppData\Local\Adobe
2015-01-25 03:40 - 2010-11-21 07:22 - 00703012 _____ () C:\Windows\system32\perfh007.dat
2015-01-25 03:40 - 2010-11-21 07:22 - 00150952 _____ () C:\Windows\system32\perfc007.dat
2015-01-25 03:40 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-24 23:48 - 2010-11-21 04:47 - 107363694 _____ () C:\Windows\PFRO.log
2015-01-23 15:36 - 2011-10-16 00:48 - 00000000 ____D () C:\Program Files (x86)\AIM
2015-01-23 13:49 - 2014-09-15 00:46 - 00000797 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-01-22 20:34 - 2014-03-20 10:46 - 00000000 ____D () C:\Users\****\AppData\Local\NPE
2015-01-22 13:34 - 2011-10-15 20:16 - 00000000 ____D () C:\ProgramData\Norton
2015-01-22 10:53 - 2014-11-09 18:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-22 07:00 - 2012-11-20 15:35 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Identity Safe
2015-01-22 03:00 - 2011-10-15 20:16 - 00003218 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-01-22 03:00 - 2011-10-15 20:16 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-01-18 04:22 - 2013-01-01 14:21 - 00000000 ____D () C:\Users\****\AppData\Roaming\ICQM
2015-01-17 22:03 - 2011-10-16 01:25 - 00000432 _____ () C:\Windows\BRWMARK.INI
2015-01-17 17:40 - 2012-01-29 18:47 - 00000000 ____D () C:\Users\****\.VirtualBox
2015-01-17 17:32 - 2014-12-10 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-01-17 17:24 - 2011-10-16 01:50 - 00000000 ____D () C:\Users\****\Desktop\Tools
2015-01-17 17:15 - 2012-10-29 23:12 - 00000000 ____D () C:\Users\****\AppData\Local\Loksim3D
2015-01-17 17:13 - 2014-11-27 19:04 - 00000549 _____ () C:\Users\Public\Desktop\Loksim3D.lnk
2015-01-17 17:13 - 2014-11-27 19:04 - 00000549 _____ () C:\ProgramData\Desktop\Loksim3D.lnk
2015-01-17 17:13 - 2013-08-08 12:05 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 17:13 - 2012-03-03 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loksim3D
2015-01-17 13:31 - 2014-05-28 12:10 - 00000000 ____D () C:\Users\****\.gimp-2.8
2015-01-15 10:44 - 2011-10-19 17:38 - 00000000 ____D () C:\Users\****\AppData\Local\Eraser
2015-01-13 21:15 - 2011-11-20 15:08 - 00000602 _____ () C:\Users\****\Desktop\MSI Afterburner.lnk
2015-01-13 19:09 - 2014-05-13 19:26 - 00109624 _____ () C:\Users\RettungsAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-13 19:08 - 2013-07-09 19:27 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 19:04 - 2011-10-15 20:55 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 18:44 - 2014-03-11 18:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-13 18:44 - 2012-05-08 22:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-13 18:44 - 2011-10-17 19:11 - 00000000 ____D () C:\Windows\Minidump
2015-01-10 22:32 - 2011-10-15 20:44 - 00000000 ____D () C:\Users\****\AppData\Roaming\FileZilla
2015-01-10 22:17 - 2014-09-23 19:26 - 00000615 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2015-01-10 22:17 - 2014-09-23 19:26 - 00000615 _____ () C:\ProgramData\Desktop\FileZilla Client.lnk
2015-01-10 22:17 - 2013-06-03 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-07 20:40 - 2012-03-13 20:05 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2015-01-02 00:36 - 2012-03-17 18:36 - 00000000 ____D () C:\Users\****\AppData\Roaming\TeamViewer
2014-12-31 20:52 - 2011-10-15 21:36 - 00950622 _____ () C:\Windows\DirectX.log
2014-12-30 17:03 - 2011-10-15 20:57 - 00000000 ____D () C:\ProgramData\Skype

==================== Files in the root of some directories =======

2013-05-16 09:32 - 2013-07-12 20:48 - 0000000 _____ () C:\Users\****\AppData\Roaming\FileIn.cns
2013-05-16 09:32 - 2013-07-12 20:48 - 0000000 _____ () C:\Users\****\AppData\Roaming\FileOut.cns
2012-04-29 01:05 - 2012-08-28 15:07 - 0000079 _____ () C:\Users\****\AppData\Local\CrystalDiskMark30.ini
2012-02-08 15:57 - 2012-06-13 19:30 - 1348976 _____ () C:\Users\****\AppData\Local\parallels.log
2015-01-07 21:16 - 2015-01-07 21:16 - 0000835 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2011-10-22 13:01 - 2014-05-17 03:09 - 0007663 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg
2013-11-14 20:17 - 2013-11-14 20:17 - 0000040 ___SH () C:\ProgramData\.zreglib
2014-11-08 15:50 - 2014-11-08 15:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\****\AppData\Local\Temp\drm_dyndata_7380007.dll
C:\Users\****\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\****\AppData\Local\Temp\MSVBVM60.DLL
C:\Users\****\AppData\Local\Temp\msxml6-KB927977-enu-amd64.exe
C:\Users\****\AppData\Local\Temp\setup.exe
C:\Users\****\AppData\Local\Temp\setup64.exe
C:\Users\****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\****\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 02:58

==================== End Of Log ============================
         
--- --- ---



addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by **** at 2015-01-27 01:00:19
Running from C:\Users\****\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\uTorrent) (Version: 3.3.2.30586 - BitTorrent Inc.)
18 WoS Extreme Trucker 2 (v.1.0) (HKLM-x32\...\18 WoS Extreme Trucker 2) (Version: 1.0 - SCS Software)
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.3 - Futuremark)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABbd406 1.00 (HKLM-x32\...\ABbd406 1.00) (Version: 1.00 - olsystems)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.5105 - Acronis)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.3 - Adobe Systems)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Advanced PDF Password Recovery (HKLM-x32\...\{FDF36223-1144-4309-A5C2-3D5DC40B6C82}) (Version: 5.4.48.423 - Elcomsoft Co. Ltd.)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.)
AIM 7 (HKLM-x32\...\AIM_7) (Version:  - )
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMIP (remove only) (HKLM-x32\...\AMIP) (Version:  - )
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.15.0 - Asmedia Technology)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.1.2 - ASUSTeK Computer Inc.)
Atmosphere Deluxe v7.1 (HKLM-x32\...\Atmosphere Deluxe_is1) (Version:  - Vectormedia Software)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BDomsb 1.00 (HKLM-x32\...\BDomsb 1.00) (Version: 1.00 - olsystems)
BDwsb 1.00 (HKLM-x32\...\BDwsb 1.00) (Version: 1.00 - olsystems)
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Black & White® 2 Battle of the Gods (HKLM-x32\...\{10631C28-62E5-477C-9B40-40C5EA8219BE}) (Version: 1.00.0000 - Lionhead Studios)
BOINC (HKLM\...\{CFA4E1F2-090A-4335-A60B-98D8EC69E841}) (Version: 7.4.27 - Space Sciences Laboratory, U.C. Berkeley)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Brother HL-3040CN (HKLM-x32\...\{746CA010-936E-4224-A294-913394FD4214}) (Version: 1.00 - Brother)
Brother MFL-Pro Suite DCP-7010 (HKLM-x32\...\{C2530D63-B66B-48B5-BB50-7C6281FE7AA6}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Bulletstorm (HKLM-x32\...\GFWL_{45410935-3E72-472B-8C35-AB1000008200}) (Version: 1.0.0000.130 - EA)
Bulletstorm (x32 Version: 1.0.0000.130 - EA) Hidden
BulletStorm (x32 Version: 1.0.0005.130 - EA) Hidden
Byu 1.00 (HKLM-x32\...\Byu 1.00) (Version: 1.00 - olsystems)
Cities in Motion (HKLM-x32\...\Steam App 73010) (Version:  - Colossal Order Ltd.)
Cities in Motion 2 (HKLM-x32\...\Steam App 225420) (Version:  - )
Cities XL 2012 (HKLM-x32\...\Cities XL 2012) (Version: 1.0.0 - Focus Home Interactive)
Cities XL 2012 Version 1.0 (HKLM-x32\...\{C01BF16B-6D37-4C45-BAF4-3D0350806411}_is1) (Version: 1.0 - Focus Home Interactive)
Combined Community Codec Pack 2013-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.04.20.0 - CCCP Project)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
CrystalDiskInfo 5.0.3 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.0.3 - Crystal Dew World)
CrystalDiskMark 3.0.2f (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2f - Crystal Dew World)
CVE-2012-1889 (HKLM\...\{06b2b7ed-809a-44e6-8538-ca0f5b74ecc4}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{29447369-6968-4e86-a208-603f6f0771a6}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{393ffabe-5a1a-43b3-8e03-8f573e1e0d01}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{7d32ab1f-1858-4373-a75a-b7cd8feb5d92}.sdb) (Version:  - )
CVE-2012-1889 (HKLM\...\{f300e352-12de-4e7f-ace3-a376874402b6}.sdb) (Version:  - )
CVE-2012-4969 (HKLM\...\{777afb2a-98e5-4f14-b455-378a925cae15}.sdb) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DB Donnerbuechsen 1.00 (HKLM-x32\...\DB Donnerbuechsen 1.00) (Version: 1.00 - olsystems)
DB D-ZUG Schlafwagen WLAB4uem 1.00 (HKLM-x32\...\DB D-ZUG Schlafwagen WLAB4uem 1.00) (Version: 1.00 - olsystems)
DBuz 1.00 (HKLM-x32\...\DBuz 1.00) (Version: 1.00 - olsystems)
DBv 1.00 (HKLM-x32\...\DBv 1.00) (Version: 1.00 - olsystems)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Space™ (HKLM-x32\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Die Völker 2 Gold (HKLM-x32\...\Gamedownload Die Völker 2 Gold) (Version: 1.0.0.0 - Gamedownload)
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 1.9.2.0 - DiskInternals Research)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Drakensang (High Texture Pack) (HKLM-x32\...\Drakensang_is1) (Version:  - dtp AG)
Dungeon Siege (HKLM-x32\...\Steam App 39190) (Version:  - Gas Powered Games)
Dungeon Siege 2 (HKLM-x32\...\Steam App 39200) (Version:  - Gas Powered Games)
Dungeon Siege III (HKLM-x32\...\Steam App 39160) (Version:  - Obsidian Entertainment)
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 4.8.1 - CM&V)
DVBViewer TE2 (HKLM-x32\...\DVBViewer TE2_is1) (Version:  - CM&V)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDFab 8.2.1.3 (28/09/2012) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
Dwarfs!? (HKLM-x32\...\Steam App 35480) (Version:  - Power of 2)
Earth 2160 (HKLM-x32\...\Earth 2160) (Version: 1.3.8.0 - Topware Interactive AG)
EF CheckSum Manager (HKLM\...\EF CheckSum Manager) (Version:  - EFSoftware)
Elite Dangerous Launcher version 0.4.1844.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.1844.0 - Frontier Developments)
ElsterFormular (HKLM-x32\...\ElsterFormular 13.2.0.8623p) (Version: 13.2.0.8623p - Landesfinanzdirektion Thüringen)
Empire Earth Gold Edition (HKLM-x32\...\Gamedownload Empire Earth Gold Edition) (Version: 1.0.0.0 - Gamedownload)
Empire Earth II Gold Edition (HKLM-x32\...\Gamedownload Empire Earth II Gold Edition) (Version: 1.0.0.0 - Gamedownload)
Endless Space (HKLM-x32\...\Endless Space_is1) (Version:  - )
Eraser (HKLM-x32\...\Eraser) (Version:  - Heidi Computers Ltd.)
Eraser (x32 Version: 5.86 - Heidi Computers Ltd.) Hidden
e-Saver version 3.1 (HKLM-x32\...\{C97CA73D-E96B-4B42-830E-D0F7BD780FB8}_is1) (Version: 3.1 - AOC)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EveMeepV3 (HKLM-x32\...\{52F7EC17-C7D9-4254-BBC5-404A67844ED1}) (Version: 1.0.2 - Evemeep)
EVEMon (HKLM-x32\...\EVEMon) (Version: 1.8.3.4116 - battleclinic.com)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
Ext2Fsd 0.51 (HKLM\...\Ext2Fsd_is1) (Version: 0.51 - Matt Wu)
FAHClient (HKLM-x32\...\FAHClient) (Version: 7.4.4 - Stanford University)
FileZilla Client 3.10.0 (HKLM-x32\...\FileZilla Client) (Version: 3.10.0 - Tim Kosse)
Folding@home-gpu (HKLM-x32\...\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}) (Version: 6.23 - Folding@home)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
From Dust (HKLM-x32\...\Steam App 33460) (Version:  - Ubisoft Montpellier)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Futuremark SystemInfo (HKLM-x32\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark)
gamelauncher-ps2-psg (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\SOE-Y:/PlanetSide 2) (Version:  - Sony Online Entertainment)
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
German Wagon Pack 1.00 (HKLM-x32\...\German Wagon Pack 1.00) (Version: 1.00 - olsystems)
GIANTS Editor 5.0.1 (HKLM-x32\...\giants_editor_5.0.1_is1) (Version: 5.0.1 - GIANTS Software GmbH)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Guild 2 King's Edition (HKLM-x32\...\{378BA9B5-DB6C-41DB-BE93-86CD198A8A9E}) (Version: 1.0.0 - JoWood)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ICE 1 Redesign 1.00 (HKLM-x32\...\ICE 1 Redesign 1.00) (Version: 1.00 - olsystems)
ICE 2 1.00 (HKLM-x32\...\ICE 2 1.00) (Version: 1.00 - olsystems)
ICE 3M 1.00 (HKLM-x32\...\ICE 3M 1.00) (Version: 1.00 - olsystems)
ICE T 1.00 (HKLM-x32\...\ICE T 1.00) (Version: 1.00 - olsystems)
ICQ 8.2 (build 6901) (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\ICQ) (Version: 8.2.6901.0 - ICQ)
iDeer Blu-ray Player (HKLM-x32\...\iDeer Blu-ray Player) (Version: 1.6.1.1750 - iDeerApp Software Inc.)
IndustrieGigant 2 - Gold Edition (HKLM-x32\...\{6910C412-A523-493C-BC22-0213CD7F4F3A}) (Version: 1.0.0 - JoWooD Productions Software AG)
IndustrieGigant 2 (HKLM-x32\...\{8FA7E81D-6D99-4788-8BE4-D898B346AB2E}) (Version: 1.1.0.0 - JoWooD Productions Software AG)
Intel Processor Diagnostic Tool 64bit (HKLM\...\{B1E50355-2437-40B0-A016-67B7490FC93E}) (Version: 2.10.0.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
KVIrc (HKLM-x32\...\KVIrc) (Version:  - Szymon Stefanek and The KVIrc Development Team)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.2.0.0 - GIANTS Software)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Loksim3D (HKLM\...\Loksim3D_is1) (Version: 2.9.1 - Loksim3D)
Long Live The Queen (HKLM-x32\...\Steam App 251990) (Version:  - Hanako Games)
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version:  - )
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mini Metro (HKLM-x32\...\Steam App 287980) (Version:  - Dinosaur Polo Club)
Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version:  - LucasArts)
Mountain (HKLM-x32\...\Steam App 313340) (Version:  - David OReilly)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 15.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 15.0.1 (x86 de)) (Version: 15.0.1 - Mozilla)
Mozilla Firefox 35.0.1 (x86 de) (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
MPC-HC 1.6.7.7114 (9eb64ec) (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.7.7114 - MPC-HC Team)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 11 DiscSpeed (HKLM-x32\...\{B8B03F99-F600-4D96-ADBD-2F384240FB9C}) (Version: 11.0.00400 - Nero AG)
Nero Burning ROM 11 (HKLM-x32\...\{E656D89A-8CBB-497F-918F-8361A4071C26}) (Version: 11.0.10400 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{B3DC5C38-EAE3-4003-B6A7-DEF127E9A9AB}) (Version: 12.0.01100 - Nero AG)
NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software s.r.o.)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Newshosting (HKLM\...\{FE76A200-134E-48EC-8E90-3C124F16BC7F}) (Version: 1.6.1 - Newshosting)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.4 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
ÖBB Railjet 1.00 (HKLM-x32\...\ÖBB Railjet 1.00) (Version: 1.00 - olsystems)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
Parallels runtime modules (x32 Version: 1.00.0000 - Parallels) Hidden
Patch v2.2 (HKLM-x32\...\{74A84478-70A5-4F7A-966C-FA2771FF91A5}_is1) (Version:  - RUNEFORGE Games Studios)
Patch v4.17b Update (HKLM-x32\...\{THEGUILDREN-0010-2010-300520102330}_is1) (Version:  - RUNEFORGE Games Studios)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
Patrician IV: Rise of a Dynasty (HKLM-x32\...\Steam App 57730) (Version:  - )
Patrician IV: Steam Special Edition (HKLM-x32\...\Steam App 57620) (Version:  - )
Patrizier 4 - Patch 1.1.1 (HKLM-x32\...\{5C9D5D8C-9245-45B4-B017-0AD03DA2EEAA}_is1) (Version:  - Kalypso Media)
Patrizier 4 (HKLM-x32\...\{25B473C3-2C62-482B-858F-94ED76880F79}) (Version: 1.0.0 - Kalypso Media)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.3.0 - Prolific Technology INC)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
PlanetSide 2 (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version:  - )
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal 2 Publishing Tool (HKLM-x32\...\Steam App 644) (Version:  - )
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Pro Train 29 - Schwarzwaldbahn 1972 Deluxe 1.0  (HKLM-x32\...\Pro Train 29 - Schwarzwaldbahn 1972 Deluxe) (Version: 1.0 - Halycon Media)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
ProTrain  BR 106 1.0 (HKLM-x32\...\ProTrain  BR 106 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 13 Hamburg - Westerland 1.0 (HKLM-x32\...\ProTrain 13 Hamburg - Westerland 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 16 Schwarzwaldromantik 1.0 (HKLM-x32\...\ProTrain 16 Schwarzwaldromantik 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 18 Hamburg-Berlin 1.0 (HKLM-x32\...\ProTrain 18 Hamburg-Berlin 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 19 Berlin-Rostock 1.0 (HKLM-x32\...\ProTrain 19 Berlin-Rostock 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 21 Kiel-Flensburg 1.0 (HKLM-x32\...\ProTrain 21 Kiel-Flensburg 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 22 Erfurt - Suhl 1.0 (HKLM-x32\...\ProTrain 22 Erfurt - Suhl 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0 (HKLM-x32\...\ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 26 "Die schwäbische Eisenbahn" 1.0 (HKLM-x32\...\ProTrain 26 "Die schwäbische Eisenbahn" 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 33 Frankfurt-Cottbus 1.0 (HKLM-x32\...\ProTrain 33 Frankfurt-Cottbus 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 36 1.0 (HKLM-x32\...\ProTrain 36 1.0) (Version: 1.0 - BlueSky Interactive)
ProTrain 7 - Frankfurt-Nürnberg 1.0 (HKLM-x32\...\ProTrain 7 - Frankfurt-Nürnberg 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain 7 "Spessartrampe" Update auf Version 1.2 1.2 (HKLM-x32\...\ProTrain 7 "Spessartrampe" Update auf Version 1.2 1.2) (Version: 1.2 - Blue Sky Interactive)
ProTrain 8 - Update auf Version 1.1 1.1 (HKLM-x32\...\ProTrain 8 - Update auf Version 1.1 1.1) (Version: 1.1 - Blue Sky Interactive)
ProTrain Extra 1.0 (HKLM-x32\...\ProTrain Extra 1.0) (Version: 1.0 - )
ProTrain Extra 2 1.0 (HKLM-x32\...\ProTrain Extra 2 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 3 1.0 (HKLM-x32\...\ProTrain Extra 3 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 4 1.0 (HKLM-x32\...\ProTrain Extra 4 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 5 1.0 (HKLM-x32\...\ProTrain Extra 5 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 6 1.0 (HKLM-x32\...\ProTrain Extra 6 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 6 Update 1.01 1.01 (HKLM-x32\...\ProTrain Extra 6 Update 1.01 1.01) (Version: 1.01 - Blue Sky Interactive)
ProTrain Extra 7 1.0 (HKLM-x32\...\ProTrain Extra 7 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 8 1.0 (HKLM-x32\...\ProTrain Extra 8 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Extra 9 1.0 (HKLM-x32\...\ProTrain Extra 9 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Karwendelbahn Aufgabenpaket 1 1.0 (HKLM-x32\...\ProTrain Karwendelbahn Aufgabenpaket 1 1.0) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - 3D Schienen - (HKLM-x32\...\{F3ADFC12-6BCB-42B0-A44C-0745F8AD99FA}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Aufgabenpack 1 - (HKLM-x32\...\{3BBAF8F6-D11A-4B20-9E42-80AE7AD6CD72}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Aufgabenpack 2 - (HKLM-x32\...\{EF497532-E79C-4BFA-8D44-3E4125D4B4F7}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Leipzig - Saalfeld  - (HKLM-x32\...\{7DB1D6CD-9CEA-487C-930F-59DDB2B989FB}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 - Nürnberg - Saalfeld - (HKLM-x32\...\{1FE4482C-E7EC-4A88-B3EE-AC13054E789E}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 (HKLM-x32\...\AuranTS2009_ptp2_is1) (Version:  - Auran)
ProTrain Perfect Addon 3 - Leipzig - Berlin  - (HKLM-x32\...\{2CE81076-F837-40F0-B8C4-4CA8A9B3D2E3}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect Addon 5 - Fulda - Würzburg  - (HKLM-x32\...\{CC82B97C-6937-4170-9F3A-7FF8959D686B}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Vogelfluglinie Activitiepack 1 1.0 (HKLM-x32\...\ProTrain Vogelfluglinie Activitiepack 1 1.0) (Version: 1.0 - Blue Sky Interactive)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
RailTraction Sahlmmps 1.00 (HKLM-x32\...\RailTraction Sahlmmps 1.00) (Version: 1.00 - olsystems)
Railtraction Sdggmrss 1.00 (HKLM-x32\...\Railtraction Sdggmrss 1.00) (Version: 1.00 - olsystems)
Railtraction Uacns 1.00 (HKLM-x32\...\Railtraction Uacns 1.00) (Version: 1.00 - olsystems)
Railworks 3 Train Simulator 2012 Deluxe (HKLM-x32\...\Railworks 3 Train Simulator 2012 Deluxe_is1) (Version:  - )
Railworks Plus Pack Vol.2 1.11 (HKLM-x32\...\Railworks Plus Pack Vol.2 1.11) (Version: 1.11 - olsystems)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer DeathAdder(TM) Mouse (HKLM-x32\...\{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}) (Version: 3.03 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (HKLM-x32\...\RivaTuner) (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
RW0381 Arkbimbz 1.0 (HKLM-x32\...\RW0381 Arkbimbz 1.0) (Version: 1.0 - trainsimblog.tk)
RX-SSTV Version 1.3.1 (HKLM-x32\...\RX-SSTV_is1) (Version:  - ON6MU)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Sins of a Solar Empire - Trinity (HKLM-x32\...\Sins of a Solar Empire - Trinity) (Version: 1.00 - Stardock Entertainment, Inc.)
Sins of a Solar Empire - Trinity (x32 Version: 1.00 - Stardock Entertainment, Inc.) Hidden
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
Staedteexpress 1.00 (HKLM-x32\...\Staedteexpress 1.00) (Version: 1.00 - olsystems)
Star Conflict Launcher 1.0.1.17 (HKLM-x32\...\StarConflictLauncher_is1) (Version:  - )
Star Ruler (HKLM-x32\...\StarRuler) (Version:  - )
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)
Stellar Impact (HKLM-x32\...\Steam App 207150) (Version:  - Tindalos Interactive)
StreamTransport version: 1.1.4.0 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Stronghold 2 (HKLM-x32\...\Steam App 40960) (Version:  - FireFly Studios)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version:  - FireFly Studios)
SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013. (HKLM-x32\...\{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1) (Version: +Recorder.2013.55 - eRightSoft)
SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51 (HKLM-x32\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2012.build.51 - eRightSoft)
SUPER © v2012.build.52 (July 7, 2012) Version v2012.build.52 (HKLM-x32\...\{8F311E2E-C275-4CF0-8154-B63991832668}_is1) (Version: v2012.build.52 - eRightSoft)
SUPER © Version 2008.bld.33 (Sep 2, 2008) (HKLM-x32\...\SUPER ©) (Version: Version 2008.bld.33 (Sep 2, 2008) - eRightSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TechniSat DVB-PC TV Star (HKLM-x32\...\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}) (Version: 4.3.3 - TechniSat)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Softworks)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version:  - LucasArts)
The Settlers: Kingdoms of Anteria (HKLM-x32\...\SKoA) (Version:  - Ubisoft GmbH)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - )
Train Simulator 2015 GE Update 7 1.02 (HKLM-x32\...\Train Simulator 2015 GE Update 7 1.02) (Version: 1.02 - olsystems)
Train Simulator 2015 GE Update 8 1.07 (HKLM-x32\...\Train Simulator 2015 GE Update 8 1.07) (Version: 1.07 - olsystems)
Triebwagen 1.00 (HKLM-x32\...\Triebwagen 1.00) (Version: 1.00 - olsystems)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
TS2015 GE Wagen Upgrade Pack 1.00 (HKLM-x32\...\TS2015 GE Wagen Upgrade Pack 1.00) (Version: 1.00 - olsystems)
TTB Szenario Pack Munich-Augsburg 1.00 (HKLM-x32\...\TTB Szenario Pack Munich-Augsburg 1.00) (Version: 1.00 - olsystems)
TTB Szenario Pack Vol.1 Berlin Wittenberg 1.06 (HKLM-x32\...\TTB Szenario Pack Vol.1 Berlin Wittenberg 1.06) (Version: 1.06 - olsystems)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3438649541-831985882-319497044-1000\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Viscera Cleanup Detail - ALPHA (HKLM\...\UDK-ff8f3672-fcac-403e-ad9b-9b9585a6dcdf) (Version:  - RuneStorm)
Vizzart BR112 1.00 (HKLM-x32\...\Vizzart BR112 1.00) (Version: 1.00 - olsystems)
Vizzart BR112 Update 1.1 1.00 (HKLM-x32\...\Vizzart BR112 Update 1.1 1.00) (Version: 1.00 - olsystems)
Vizzart BR429 1.00 (HKLM-x32\...\Vizzart BR429 1.00) (Version: 1.00 - olsystems)
Vizzart IC Steuerwagen Rot 1.00 (HKLM-x32\...\Vizzart IC Steuerwagen Rot 1.00) (Version: 1.00 - olsystems)
Vizzart IC Steuerwagen Weiß 1.00 (HKLM-x32\...\Vizzart IC Steuerwagen Weiß 1.00) (Version: 1.00 - olsystems)
Vizzart Metropolitan 1.00 (HKLM-x32\...\Vizzart Metropolitan 1.00) (Version: 1.00 - olsystems)
Vizzart Regioshuttle 1.00 (HKLM-x32\...\Vizzart Regioshuttle 1.00) (Version: 1.00 - olsystems)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VR DB IC Wagen 1.00 (HKLM-x32\...\VR DB IC Wagen 1.00) (Version: 1.00 - olsystems)
VR DB Reisezugwagen Epoche III IV 1.00 (HKLM-x32\...\VR DB Reisezugwagen Epoche III IV 1.00) (Version: 1.00 - olsystems)
VR DB Schnellzugwagen Epoche 4 1.00 (HKLM-x32\...\VR DB Schnellzugwagen Epoche 4 1.00) (Version: 1.00 - olsystems)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - )
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WebTemp 3.38-pre12 (kostenlose Version) (HKLM-x32\...\WebTemp_is1) (Version:  - hxxp://www.webtemp.org)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Support Tools (HKLM-x32\...\{F07F0BCD-5C6D-4499-9F05-6ED747078A72}) (Version: 5.2.3790.3959 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinHTTrack Website Copier 3.45-4 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.45.4 - HTTrack)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinRK 3.1.2 (win64) (HKLM\...\WinRK) (Version: 3.1.2 (win64) - M Software Ltd.)
WinUAE 2.5.1 (HKLM-x32\...\WinUAE) (Version: 2.5.1 - Arabuusimiehet)
World of Tanks v.0.7.1 (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version:  - Wargaming.net)
X Rebirth (HKLM-x32\...\Steam App 2870) (Version:  - Egosoft)
X3 Albion Prelude Bonuspaket 5.1.0.0 (HKLM-x32\...\X3AP Bonus Pack_is1) (Version: 5.1.0.0 - Egosoft)
X3 Terran Conflict v3.2 (HKLM-x32\...\X3TerranConflict_is1) (Version:  - EGOSOFT)
X3: Albion Prelude (HKLM-x32\...\Steam App 201310) (Version:  - Egosoft)
X3: Terran Conflict (HKLM-x32\...\Steam App 2820) (Version:  - Egosoft)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - )
YDKJ Collection (HKLM-x32\...\{ED28CD78-02BC-4014-A548-EFFB9A0673D0}) (Version: 1.00.0000 - DocStrange)
YOU DON'T KNOW JACK Vol. 1 XL (HKLM-x32\...\Steam App 252730) (Version:  - )
YOU DON'T KNOW JACK Vol. 2 (HKLM-x32\...\Steam App 259940) (Version:  - )
YOU DON'T KNOW JACK Vol. 3 (HKLM-x32\...\Steam App 259960) (Version:  - )
YOU DON'T KNOW JACK Vol. 4 The Ride (HKLM-x32\...\Steam App 259980) (Version:  - )
Zusi 3.0.4 (Demo) (HKLM-x32\...\www.zusi.de/zusi3/demo_is1) (Version: 3 - Carsten Hölscher)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-08-13 18:06 - 00002435 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 *.ligatus.com
127.0.0.1 ligatus.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 activate.adobe.com:443
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com

There are 23 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1B40CDDC-619C-4E46-A64F-357D650D2028} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe
Task: {29804085-39FA-4778-8210-8EC4BFB7AFD3} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe
Task: {42BBF2C8-4E76-4474-8D04-B3C5ACE0EFF1} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {65DE70E5-7877-426C-8EE0-CC34B6A0CD9F} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {C39387F7-1DB9-4A45-8B62-D0C143A149C4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)
Task: {D03CE815-F8F9-4C8A-B289-CAA4868D7056} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-08-11 21:27 - 2014-08-11 21:27 - 00112640 _____ () C:\AMD\amdacpusrsvc.exe
2012-09-08 14:18 - 2011-03-21 15:19 - 00053248 _____ () X:\NetLimiter 3\nlsvcPS.dll
2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () X:\FileZilla\fzshellext_64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () E:\Unlocker\UnlockerCOM.dll
2012-09-08 14:22 - 2011-05-28 21:05 - 00164864 _____ () X:\WinRAR\rarext.dll
2012-09-08 14:18 - 2011-03-21 10:06 - 00248320 _____ () X:\Razer\DeathAdder\razerhid.exe
2012-09-08 14:17 - 2008-02-02 17:11 - 00228352 _____ () X:\DVBViewer\Scheduler.exe
2012-09-08 14:18 - 2010-04-27 13:41 - 00218112 _____ () X:\Razer\DeathAdder\razertra.exe
2012-09-08 14:18 - 2011-04-14 10:48 - 01758208 _____ () X:\Razer\DeathAdder\vdDaemon.exe
2012-05-30 18:11 - 2012-05-30 18:11 - 00176128 _____ () C:\Program Files (x86)\AIM\nssckbi.dll
2014-01-01 14:56 - 2014-01-01 14:56 - 00857944 _____ () C:\Users\****\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2012-09-08 14:16 - 2012-04-04 06:53 - 02894240 _____ () X:\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2012-09-08 14:15 - 2012-04-04 06:54 - 01446400 _____ () X:\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2012-09-08 14:15 - 2012-04-04 06:54 - 00105984 _____ () X:\Adobe\Acrobat 10.0\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3438649541-831985882-319497044-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3438649541-831985882-319497044-501 - Limited - Enabled)
**** (S-1-5-21-3438649541-831985882-319497044-1000 - Administrator - Enabled) => C:\Users\****
HomeGroupUser$ (S-1-5-21-3438649541-831985882-319497044-1006 - Limited - Enabled)
Netzwerkgast (S-1-5-21-3438649541-831985882-319497044-1007 - Limited - Disabled)
RettungsAdmin (S-1-5-21-3438649541-831985882-319497044-1008 - Administrator - Enabled) => C:\Users\RettungsAdmin

==================== Faulty Device Manager Devices =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Parallels Networking Driver
Description: Parallels Networking Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: prl_net
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2015 00:59:01 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/27/2015 00:55:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x1900
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/25/2015 03:35:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 03:33:34 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/25/2015 03:01:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 02:59:47 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/25/2015 02:53:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x9ec
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/24/2015 11:50:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 11:48:19 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/24/2015 02:22:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x1a9c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3


System errors:
=============
Error: (01/27/2015 00:59:08 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ArcCtrl

Error: (01/27/2015 00:59:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/27/2015 00:59:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallels Networking Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/27/2015 00:05:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/27/2015 00:05:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ACP User Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/25/2015 03:33:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ArcCtrl

Error: (01/25/2015 03:33:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/25/2015 03:33:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Parallels Networking Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/25/2015 02:59:53 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ArcCtrl

Error: (01/25/2015 02:59:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (01/27/2015 00:59:01 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/27/2015 00:55:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d190001d039881c6285dbX:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dlld90c0e69-a5b6-11e4-af95-e8d57a7f4f62

Error: (01/25/2015 03:35:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 03:33:34 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/25/2015 03:01:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2015 02:59:47 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/25/2015 02:53:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d9ec01d038309cba4ef8X:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dlled31fa1d-a434-11e4-9918-c85378db6a63

Error: (01/24/2015 11:50:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/24/2015 11:48:19 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/24/2015 02:22:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d1a9c01d03771006477a4X:\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll7aa2cbd5-a367-11e4-8112-fc6c92f2dc62


CodeIntegrity Errors:
===================================
  Date: 2014-11-08 22:33:11.184
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-08 22:33:11.153
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.685
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.629
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.441
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.384
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.202
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:17.149
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:16.874
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-02 13:50:16.820
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 14%
Total physical RAM: 16332.44 MB
Available physical RAM: 13912.2 MB
Total Pagefile: 20426.63 MB
Available Pagefile: 17750.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:167.14 GB) NTFS
Drive d: (TempDaten) (Fixed) (Total:60 GB) (Free:49.39 GB) NTFS
Drive e: (GAMES) (Fixed) (Total:100.01 GB) (Free:19.79 GB) NTFS
Drive f: (DATEN) (Fixed) (Total:100.01 GB) (Free:31.86 GB) NTFS
Drive g: (INTERNET) (Fixed) (Total:100.01 GB) (Free:16.18 GB) NTFS
Drive m: (Media) (Fixed) (Total:863.01 GB) (Free:87.44 GB) NTFS
Drive v: (Sicherung_VMs) (Fixed) (Total:863.01 GB) (Free:570.86 GB) NTFS
Drive w: (BACKUP) (Fixed) (Total:105.74 GB) (Free:57.43 GB) NTFS
Drive x: (Programme) (Fixed) (Total:55.9 GB) (Free:29.82 GB) NTFS
Drive y: (Image) (Fixed) (Total:1000 GB) (Free:495.68 GB) NTFS
Drive z: (Netzwerk) (Fixed) (Total:1000 GB) (Free:527.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0B0EDB72)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 863DB41E)
Partition 1: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=305.7 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 14563881)
Partition 1: (Not Active) - (Size=55.9 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BF2A384C)
Partition 1: (Not Active) - (Size=1000 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2F865633)
Partition 1: (Not Active) - (Size=1000 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=863 GB) - (Type=07 NTFS)

==================== End Of Log ============================
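
A triage helper for the event-log and CodeIntegrity sections of a log laid out like the one above, added here as an example; it is not part of the original thread or of FRST. The function names and the shortened sample excerpt are constructed for illustration. It collapses repeated entries (the "Microsoft Office Sessions" block repeats the application errors) and lists each file that failed the image-integrity check once.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed excerpt in the layout of the log above (descriptions shortened).
SAMPLE = r'''
Application errors:
==================
Error: (01/27/2015 00:59:01 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

Error: (01/27/2015 00:55:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0

Error: (01/24/2015 11:48:19 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

System errors:
=============
Error: (01/27/2015 00:59:08 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
ArcCtrl

Microsoft Office Sessions:
=========================
Error: (01/27/2015 00:59:01 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: IOCTL_ACPKSD_KSD_TO_USR_SVC_SET_FB_APERTURES: FAILED

CodeIntegrity Errors:
===================================
  Date: 2014-11-08 22:33:11.184
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys" nicht überprüfen, weil ...

  Date: 2014-11-08 22:33:11.153
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys" nicht überprüfen, weil ...

  Date: 2014-08-02 13:50:17.685
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume11\BittorrendFiles\Software\CrystalCPUID412\SysInfoX64.sys" nicht überprüfen, weil ...
'''

EVENT_RE = re.compile(
    r'^Error: \((\d{2})/(\d{2})/(\d{4}) (\d{2}):(\d{2}):(\d{2}) (AM|PM)\) '
    r'\(Source: (.*?)\) \(EventID: (\d+)\)',
    re.M,
)
# A "Date:" line followed by a "Description:" line; the file path is the first
# quoted string, so the match does not depend on the localized message text.
CI_RE = re.compile(
    r'^[ \t]*Date: (\d{4}-\d{2}-\d{2}) [\d:.]+[ \t]*\n'
    r'[ \t]*Description: [^"\n]*"([^"\n]+)"',
    re.M,
)


def parse_stamp(month, day, year, hour, minute, second, meridiem):
    """Parse the log's timestamp, which prints the midnight hour as "00 ... AM".

    strptime's %I accepts only 01-12, so the hour is converted by hand.
    """
    hour = int(hour)
    if meridiem == 'PM' and hour < 12:
        hour += 12
    elif meridiem == 'AM' and hour == 12:
        hour = 0
    return datetime(int(year), int(month), int(day), hour, int(minute), int(second))


def summarize_events(text):
    """Group error entries by (source, event id) with count, first and last time.

    An entry with the same time, source and id as one already seen is treated
    as a repeat of it (two distinct events in the same second would be merged).
    """
    seen = set()
    summary = defaultdict(lambda: {'count': 0, 'first': None, 'last': None})
    for m in EVENT_RE.finditer(text):
        stamp = parse_stamp(*m.group(1, 2, 3, 4, 5, 6, 7))
        key = (m.group(8), int(m.group(9)))
        if (stamp, key) in seen:
            continue
        seen.add((stamp, key))
        entry = summary[key]
        entry['count'] += 1
        entry['first'] = stamp if entry['first'] is None else min(entry['first'], stamp)
        entry['last'] = stamp if entry['last'] is None else max(entry['last'], stamp)
    return dict(summary)


def unverified_images(text):
    """Map each file named in a CodeIntegrity entry to its count and dates."""
    images = {}
    for date, path in CI_RE.findall(text):
        info = images.setdefault(path, {
            'count': 0,
            'dates': set(),
            # Drivers normally live here; anything else deserves a closer look.
            'in_system_drivers': '\\windows\\system32\\drivers\\' in path.lower(),
        })
        info['count'] += 1
        info['dates'].add(date)
    return images


if __name__ == '__main__':
    for (source, event_id), e in sorted(summarize_events(SAMPLE).items()):
        print(f"{e['count']:3d}x  {source} / {event_id}  last seen {e['last']}")
    for path, info in unverified_images(SAMPLE).items():
        note = '' if info['in_system_drivers'] else '  <-- outside System32\\drivers'
        print(f"{info['count']:3d}x  {path}{note}")
```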
         

28.01.2015, 22:21   #13
Bootsektor
Rest in peace
† 2019

Hello,
Quote:
I do know where the file comes from (Daemontools), but OK
I was 99.99% sure of that too, but better safe than sorry.

Then we can also run the very thorough online scan once more; afterwards, don't forget to press re-enable in defogger again. (That is, at the end of the cleanup.)

Step 1
Since the scan with ESET is very thorough, it may take several hours.

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset



Step 2
Start FRST once more.
  • Do not change any of the default settings and press Scan.
  • When the scan is finished, a new log file FRST.txt is created and saved on the desktop.
  • Please post the contents of this log file here in your thread.

28.01.2015, 22:34   #14
fump

Quick question: I already have the ESET Online Scanner via the website (via ActiveX applet), which is also where I got this "log" from.

Isn't this the same one?

If so, I had already run this long scan over all drives after defogger; it doesn't find any more than when I limit the settings to memory and the complete system partition + program partition.
Only this Hide Window from MIRC in memory.

Detection of potentially unwanted applications and scanning of archives were active every time; otherwise I would not have found this JS/SecurityDisabler.A.Gen, since it was also only listed as an unwanted application.

28.01.2015, 22:42   #15
Bootsektor
Rest in peace
† 2019

No,

then you don't need to run it.

Let's continue like this then:


OK
As I see it, we have now removed everything malicious. Your logs are clean.
Finally, we will tidy up a little, carry out updates, and then you will get some reading material from me.

Step 1

If you no longer need Malwarebytes Anti-Malware and the ESET online scan, you can simply uninstall both programs via the program uninstaller.
However, I recommend that you at least keep Malwarebytes and run a check scan with it once a week.

Step 2
Start defogger and press re-enable

Step 3
Please download delfix to your desktop.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Put a check mark in front of every function.
  • Click Start.
  • DelFix removes, among other things, all the programs used and finally deletes itself.
If any programs from our cleanup are still present after DelFix, you can now safely delete them.

Updates / updating programs
  • Adobe Reader
Your Adobe Reader is outdated.
Uninstall your Reader and download the latest version from here. Check whether anything else wants to be installed along with it and untick the box if so.

Do you really still have Firefox 15 in use in parallel there? What do you need it for?

Now, to finish, a few more tips for securing your system.

Change all your passwords regularly; now, after the cleanup, is an ideal time to do so
  • use a different password for every application and every account
  • change your password regularly; this is especially important for online banking or your email inbox
  • do not store any passwords on your PC, and do not pass them on to third parties
  • a secure password consists of at least 8 characters and contains upper- and lower-case letters, digits, and special characters
  • do not use number or letter sequences (e.g. 12345678, qwertzui), nor number or letter patterns
  • do not use passwords that relate to you, your place of residence, a family member or a pet (date of birth, postal code, address, name)


Keeping the system up to date
It is extremely important that both your system and the security-relevant software installed on it (Flash Player, PDF reader and especially Java, if present) are up to date.
  • Please check whether your system downloads Windows Updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.

  • Java
Java is a major security hole on your system; new vulnerabilities are discovered again and again and are exploited to infect computers.
Unless you absolutely need Java, you should uninstall it completely.

Windows XP
Go to:
Start --> Control Panel --> Add or Remove Programs --> select Java versions --> remove
Windows Vista
Go to:
Start --> Control Panel --> Programs --> Uninstall a program --> find Java versions --> remove
Windows 7
Go to:
the Windows button in the taskbar --> Control Panel --> Programs (sub-item Uninstall a program) --> select program --> remove
Windows 8
Press:
Windows key and X
then:
Programs and Features --> select Java versions --> remove

If you do absolutely need Java after all, then make sure that Java updates automatically.
To do so:
  • open Java
  • click the Update tab
  • click: Notify Me: Before downloading; tick Check for Updates Automatically
  • click Advanced
  • change the interval to at least weekly
and switch off the browser plug-in.
Here you will find instructions for this.

Antivirus software
  • Make sure you always have antivirus software installed and be sure to keep it up to date.

Additional protection
  • MalwareBytes Anti-Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scanning tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You will find a tutorial on how to use it here.

Alternative browsers

Other browsers tend to be somewhat more secure than Internet Explorer, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plug-ins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. Right-clicking a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.


System performance
Regularly delete your temporary files. For this I recommend the Windows Disk Cleanup.
Windows Vista
  • Click the Vista icon at the bottom left
  • Go to Programs -> Accessories -> System Tools -> Disk Cleanup
  • Now select Files from all users on this computer and confirm with OK
  • Among the files to delete, additionally tick Temporary files
  • Confirm with OK
  • Confirm that you want to permanently delete the files

Windows 7
  • Go to the Windows start icon
  • Enter Disk Cleanup in the search field
  • Additionally tick Temporary files
  • Confirm with OK

Windows 8
  • Right-click in the lower left corner of your screen
  • Click Search
  • Click Settings
  • Enter Disk Cleanup in the search field
  • In the settings on the left-hand side, now click Free up disk space by deleting unnecessary files
  • Additionally tick Temporary files
  • Confirm with OK
  • Confirm that you want to permanently delete the files


Stay away from any registry cleaners.
They harm your system more than they speed it up.

Rules of conduct for safer surfing
  • Don't click on everything just because it prompts you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to file extensions such as deinFoto.jpg.exe
  • Especially when installing programs, pay attention to whether additional software wants to be installed along with them; wherever possible choose the custom installation and deselect everything that has nothing to do with the program you want to install.

Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions.

If you would like to give praise or criticism, you are very welcome to do so here.

If you would like to donate something for the forum and our work, you can do so here.
