Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   win7,Virus qvo6,anderer Virus (https://www.trojaner-board.de/141886-win7-virus-qvo6-anderer-virus.html)

schrauber 26.09.2013 08:10
Schau ich mir heut Abend an, bin auf Arbeit. Sind noch mehr Rechner in deinem Netz?

Nigi 26.09.2013 08:52
Ja mein Sohn hat auch einen Rechner,

der über das WLAN genutzt wird.

Gruß
Nigi

schrauber 26.09.2013 12:27
Poste bitte FRST Logfiles von dem anderen Rechner.

Nigi 26.09.2013 15:02
Hallo Schrauber,

habe den Rechner meines Sohnes nun mit FRST gescannt und hier sind die Ergebnisse.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-09-2013
Ran by Matze (administrator) on MATZE-Z3915BCHP on 26-09-2013 15:58:44
Running from C:\Dokumente und Einstellungen\Matze\Desktop\Strecken
Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Microsoft Corporation) C:\WINDOWS\system32\WgaTray.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
() C:\Programme\ICQ6Toolbar\ICQ Service.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
(Symantec Corporation) C:\Programme\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(Symantec Corporation) C:\Programme\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
(Rocket Division Software) C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Wajam) C:\Programme\Wajam\Updater\WajamUpdater.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Apple Inc.) I:\Programme\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Symantec Corporation) C:\Programme\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
(Belkin) I:\Programme\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
(Logitech, Inc.) C:\Programme\Logitech\SetPoint\SetPoint.exe
(Logitech, Inc.) C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE
(Symantec Corporation) C:\Programme\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(Apple Inc.) C:\Programme\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(FreeDownloadManager.ORG) C:\Programme\Free Download Manager\fdm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [76304 2008-02-29] (Logitech, Inc.)
HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [16859648 2008-01-09] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\Windows\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - I:\Programme\iTunes\iTunesHelper.exe [151952 2012-11-29] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - I:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\LBTWlgn: c:\programme\gemeinsame dateien\logitech\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Run: [] - [x]
HKCU\...\Run: [swg] - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-01-27] (Google Inc.)
MountPoints2: {44af3ade-1788-11e3-9b59-00173ffe2828} - Q:\RunClubSanDisk.exe
MountPoints2: {96a2efe1-3e66-11e0-9982-00173ffe2828} - Q:\LaunchU3.exe -a
MountPoints2: {fd2660fe-1431-11e0-994a-00173ffe2828} - Q:\Startme.exe
Lsa: [Notification Packages]  scecli
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Belkin Wireless USB Utility.lnk
ShortcutTarget: Belkin Wireless USB Utility.lnk -> I:\Programme\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe (Belkin)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Prev Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Prev Search Bar = hxxp://google.icq.com/search/search_frame.php
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = hxxp://home.microsoft.com/access/autosearch.asp?p=%s
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
SearchScopes: HKCU - {03_TL-GOOGLE-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_google&q={searchTerms}&affid=1&uid=C2D41112-79BA-4FAD-81A5-46D9BBDC99AC
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL = hxxp://search.bearshare.com/webResults.html?src=ieb&q={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSSNAV&chn=retail&geo=DE&ver=2014&locale=de_DE&gct=sb&qsrc=2869
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - I:\Programme\ICQToolbar\toolbaru.dll (IE Toolbar)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {2519e35f-d932-47f8-a66f-5c8fe69ef8a8} -  No File
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton AntiVirus\Engine\21.0.1.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Programme\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll ()
BHO: radio de Toolbar - {8c925777-22df-4587-86f7-7ddd6d2ad1eb} - C:\Programme\radio_de\prxtbrad2.dll (Conduit Ltd.)
BHO: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Programme\Wajam\IE\priam_bho.dll (Wajam)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Programme\Norton Identity Safe\Engine\2014.5.0.67\coIEPlg.dll (Symantec Corporation)
BHO: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Programme\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
Toolbar: HKLM - radio de Toolbar - {8c925777-22df-4587-86f7-7ddd6d2ad1eb} - C:\Programme\radio_de\prxtbrad2.dll (Conduit Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Programme\Norton Identity Safe\Engine\2014.5.0.67\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Programme\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -radio de Toolbar - {8C925777-22DF-4587-86F7-7DDD6D2AD1EB} - C:\Programme\radio_de\prxtbrad2.dll (Conduit Ltd.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Programme\Norton Identity Safe\Engine\2014.5.0.67\coIEPlg.dll (Symantec Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223123869812
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Matze\Anwendungsdaten\Mozilla\Firefox\Profiles\p3wlaj9n.default
FF user.js: detected! => C:\Dokumente und Einstellungen\Matze\Anwendungsdaten\Mozilla\Firefox\Profiles\p3wlaj9n.default\user.js
FF DefaultSearchEngine: ICQ Search
FF SelectedSearchEngine: ICQ Search
FF Homepage: hxxp://www.google.de
FF Keyword.URL: hxxp://www.google.de/search?q=
FF NetworkProxy: "no_proxies_on", "*.local"
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - I:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - i:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @protectdisc.com/NPPDLicenseHelper - C:\Programme\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veoh.com/VeohPlayer - I:\Programme\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll (Veoh Networks Inc)
FF Plugin: Adobe Reader - I:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Dokumente und Einstellungen\Matze\Anwendungsdaten\Mozilla\Firefox\Profiles\p3wlaj9n.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Matze\Anwendungsdaten\Mozilla\Firefox\Profiles\p3wlaj9n.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Dokumente und Einstellungen\Matze\Anwendungsdaten\Mozilla\Firefox\Profiles\p3wlaj9n.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: fdm_ffext - C:\Dokumente und Einstellungen\Matze\Anwendungsdaten\Mozilla\Firefox\Profiles\p3wlaj9n.default\Extensions\fdm_ffext@freedownloadmanager.org
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFFPlgn\
FF HKLM\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\

Chrome:
=======
CHR HomePage: hxxp://start.icq.com/
CHR DefaultSearchURL: (ICQ Search) - hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
CHR DefaultSuggestURL: (ICQ Search) -      "suggest_url": ""
CHR Plugin: (Chrome PDF Viewer) - C:\Dokumente und Einstellungen\Matze\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\11.0.696.60\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Dokumente und Einstellungen\Matze\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\11.0.696.60\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Dokumente und Einstellungen\Matze\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\11.0.696.60\gcswf32.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U16) - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft\\u00AE DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\\u00AE DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - I:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Dokumente und Einstellungen\Matze\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (DivX Web Player) - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll No File
CHR Plugin: (Protect Disc License Acquisition Plugin) - C:\Programme\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (NPVeohVersion plugin) - I:\Programme\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll (Veoh Networks Inc)
CHR Plugin: (iTunes Application Detector) - I:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - i:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (AT_DJTiesto) - C:\DOKUME~1\Matze\LOKALE~1\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\okmcbgkkeagngnijeiighgblfljbekip\2_0
CHR HKLM\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Dokumente und Einstellungen\Matze\Lokale Einstellungen\Anwendungsdaten\Wajam\Chrome\wajam.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Programme\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Programme\Norton Identity Safe\Engine\2014.5.0.67\Exts\Chrome.crx

========================== Services (Whitelisted) =================

R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184 2012-08-11] (Apple Inc.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2007-07-31] ()
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-01-07] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-01-07] (Google Inc.)
S2 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-25] (Google)
R2 ICQ Service; C:\Programme\ICQ6Toolbar\ICQ Service.exe [247096 2010-09-06] ()
R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [552848 2012-11-29] (Apple Inc.)
S3 LBTServ; C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\LBTServ.exe [121360 2008-05-02] (Logitech, Inc.)
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117144 2013-08-04] (Mozilla Foundation)
R2 NAV; C:\Programme\Norton AntiVirus\Engine\21.0.1.3\diMaster.dll [561968 2013-08-01] (Symantec Corporation)
R2 NCO; C:\Programme\Norton Identity Safe\Engine\2014.5.0.67\diMaster.dll [561968 2013-08-01] (Symantec Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [361728 2009-10-11] (TuneUp Software GmbH)
S2 uploadmgr; C:\Windows\PCHealth\HelpCtr\Binaries\pchsvc.dll [38912 2004-08-04] (Microsoft Corporation)
R2 WajamUpdater; C:\Programme\Wajam\Updater\WajamUpdater.exe [109064 2012-10-05] (Wajam)
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R2 acedrv11; C:\WINDOWS\system32\drivers\acedrv11.sys [277736 2008-07-30] (Protect Software GmbH)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2009-07-03] ()
R1 BHDrvx86; C:\Programme\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20130903.002\BHDrvx86.sys [1097816 2013-09-04] (Symantec Corporation)
R3 BLKWGU(Belkin); C:\Windows\System32\DRIVERS\BLKWGU.sys [402944 2005-11-10] (Belkin Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAV\1500010.003\ccSetx86.sys [117336 2013-07-30] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NST\7DE05000.043\ccSetx86.sys [117336 2013-07-30] (Symantec Corporation)
R1 eeCtrl; C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-09-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-09-13] (Symantec Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51088 2004-06-22] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2004-06-22] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21744 2004-06-22] (HP)
R3 IDSxpx86; C:\Programme\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20130921.001\IDSxpx86.sys [380832 2013-09-20] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2009-07-03] ()
R3 NAVENG; C:\Programme\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20130923.003\NAVENG.SYS [93272 2013-09-13] (Symantec Corporation)
R3 NAVEX15; C:\Programme\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20130923.003\NAVEX15.SYS [1612376 2013-09-13] (Symantec Corporation)
S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54400 2007-07-30] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2007-07-30] (NVIDIA Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-01] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2009-03-01] ()
R3 SRTSP; C:\Windows\System32\Drivers\NAV\1500010.003\SRTSP.SYS [650840 2013-07-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAV\1500010.003\SRTSPX.SYS [32344 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAV\1500010.003\SYMDS.SYS [367704 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAV\1500010.003\SYMEFA.SYS [935000 2013-08-05] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2013-09-20] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAV\1500010.003\Ironx86.SYS [206936 2013-07-31] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\NAV\1500010.003\SYMTDI.SYS [421208 2013-07-31] (Symantec Corporation)
R2 XPROTECTOR; C:\WINDOWS\system32\drivers\XPROTECTOR.SYS [40448 2008-10-19] ()
R3 ZDPSp50; C:\Windows\System32\Drivers\ZDPSp50.sys [17664 2004-10-25] (Printing Communications Assoc., Inc. (PCAUSA))
U3 abxqgc73; C:\Windows\System32\Drivers\abxqgc73.sys [0 ] (Microsoft Corporation)
U3 aea7dmpf; C:\Windows\System32\Drivers\aea7dmpf.sys [0 ] (Microsoft Corporation)
S3 adxapie; \??\C:\DOKUME~1\Matze\LOKALE~1\Temp\adxapie.sys [x]
S3 EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [x]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96256 2004-08-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-26 15:58 - 2013-09-26 15:58 - 00000000 ____D C:\FRST
2013-09-23 00:01 - 2013-09-24 02:06 - 00083216 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
2013-09-21 16:40 - 2013-09-22 23:53 - 00000634 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Aerosoft Launcher.lnk
2013-09-21 16:29 - 2013-09-21 16:29 - 00000375 _____ C:\Dokumente und Einstellungen\All Users\Desktop\OMSI.lnk
2013-09-21 11:23 - 2013-09-21 11:23 - 00000000 ____D C:\Dokumente und Einstellungen\Matze\Desktop\Omsi Bundle
2013-09-20 23:54 - 2013-09-20 23:54 - 00000000 ____D C:\WINDOWS\system32\Drivers\NST
2013-09-20 23:54 - 2013-09-20 23:54 - 00000000 ____D C:\Programme\Norton Identity Safe
2013-09-20 23:54 - 2013-09-20 23:54 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton Identity Safe
2013-09-20 23:54 - 2013-09-20 23:54 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton AntiVirus
2013-09-07 11:54 - 2013-09-07 12:06 - 00000000 ____D C:\Dokumente und Einstellungen\Matze\Desktop\usb stick mama
2013-08-27 11:40 - 2013-08-27 11:40 - 00106496 _____ C:\WINDOWS\Minidump\Mini082713-01.dmp

==================== One Month Modified Files and Folders =======

2013-09-26 15:58 - 2013-09-26 15:58 - 00000000 ____D C:\FRST
2013-09-26 15:56 - 2010-01-09 14:43 - 00000000 ____D C:\Dokumente und Einstellungen\Matze\Anwendungsdaten\Free Download Manager
2013-09-26 15:51 - 2013-01-20 15:23 - 00000000 ____D C:\Dokumente und Einstellungen\Matze\Anwendungsdaten\PriceGong
2013-09-26 15:51 - 2010-01-04 19:19 - 00000000 ____D C:\Dokumente und Einstellungen\Matze\Lokale Einstellungen\Anwendungsdaten\radio_de
2013-09-26 15:51 - 2008-10-04 14:30 - 01934927 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-26 15:50 - 2009-11-03 22:59 - 00000418 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{FEBE2AF1-AEED-4FE1-902E-2AC8AC068CA9}.job
2013-09-26 15:50 - 2001-08-18 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-26 15:49 - 2010-01-07 12:59 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-26 15:49 - 2009-10-11 13:53 - 00000492 _____ C:\WINDOWS\Tasks\1-Klick-Wartung.job
2013-09-26 15:49 - 2008-07-13 16:59 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-09-26 15:49 - 2008-07-13 16:59 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-09-26 15:49 - 2008-07-13 16:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-24 02:06 - 2013-09-23 00:01 - 00083216 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
2013-09-24 02:06 - 2008-07-13 16:07 - 00032522 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-24 02:06 - 2008-07-13 16:07 - 00000190 ___SH C:\Dokumente und Einstellungen\Matze\ntuser.ini
2013-09-24 02:06 - 2008-07-13 16:07 - 00000000 ____D C:\Dokumente und Einstellungen\Matze
2013-09-24 01:31 - 2010-01-07 12:59 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-22 23:56 - 2010-06-28 11:53 - 00892653 _____ C:\WINDOWS\setupapi.log
2013-09-22 23:53 - 2013-09-21 16:40 - 00000634 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Aerosoft Launcher.lnk
2013-09-22 23:52 - 2011-11-20 15:43 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\aerosoft
2013-09-22 23:52 - 2008-07-13 16:15 - 00000000 ___HD C:\Programme\InstallShield Installation Information
2013-09-22 13:40 - 2009-03-25 22:25 - 00000966 _____ C:\WINDOWS\Tasks\Google Software Updater.job
2013-09-22 09:13 - 2009-11-13 22:02 - 00000000 ____D C:\Programme\Steam
2013-09-21 16:29 - 2013-09-21 16:29 - 00000375 _____ C:\Dokumente und Einstellungen\All Users\Desktop\OMSI.lnk
2013-09-21 11:45 - 2008-10-04 15:56 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Symantec Shared
2013-09-21 11:23 - 2013-09-21 11:23 - 00000000 ____D C:\Dokumente und Einstellungen\Matze\Desktop\Omsi Bundle
2013-09-20 23:55 - 2011-10-08 12:06 - 00000000 ____D C:\WINDOWS\system32\Drivers\NAV
2013-09-20 23:54 - 2013-09-20 23:54 - 00000000 ____D C:\WINDOWS\system32\Drivers\NST
2013-09-20 23:54 - 2013-09-20 23:54 - 00000000 ____D C:\Programme\Norton Identity Safe
2013-09-20 23:54 - 2013-09-20 23:54 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton Identity Safe
2013-09-20 23:54 - 2013-09-20 23:54 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton AntiVirus
2013-09-20 23:54 - 2011-10-08 12:09 - 00001846 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Norton AntiVirus.LNK
2013-09-20 23:54 - 2009-02-25 22:53 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
2013-09-20 23:54 - 2008-07-13 16:58 - 00000000 ___RD C:\Programme
2013-09-20 23:54 - 2008-07-13 16:58 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2013-09-20 08:39 - 2011-10-08 12:10 - 00142936 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
2013-09-20 08:39 - 2011-10-08 12:10 - 00008194 _____ C:\WINDOWS\system32\Drivers\SYMEVENT.CAT
2013-09-20 08:38 - 2011-10-08 12:06 - 00000000 ____D C:\Programme\Norton AntiVirus
2013-09-17 07:54 - 2010-01-04 19:19 - 00000000 ____D C:\Programme\radio_de
2013-09-14 20:48 - 2011-10-08 11:47 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Dokumente\Norton
2013-09-07 17:31 - 2008-08-24 15:17 - 00121856 _____ C:\Dokumente und Einstellungen\Matze\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-07 16:28 - 2013-03-17 13:39 - 00000000 ____D C:\Programme\Origin
2013-09-07 12:06 - 2013-09-07 11:54 - 00000000 ____D C:\Dokumente und Einstellungen\Matze\Desktop\usb stick mama
2013-09-05 12:30 - 2013-03-08 18:06 - 00000000 _____ C:\END
2013-08-29 16:45 - 2008-10-04 16:38 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-08-29 07:59 - 2013-08-04 11:32 - 00000000 ____D C:\Programme\Mozilla Firefox
2013-08-27 11:40 - 2013-08-27 11:40 - 00106496 _____ C:\WINDOWS\Minidump\Mini082713-01.dmp
2013-08-27 11:40 - 2008-12-22 22:02 - 00000000 ____D C:\WINDOWS\Minidump
2013-08-27 07:54 - 2010-01-09 14:16 - 00000000 ____D C:\Programme\Free Download Manager

Files to move or delete:
====================
C:\Dokumente und Einstellungen\Matze\z.bat


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2002-08-29 03:43] - [2007-06-13 15:21] - 1036288 ____A (Microsoft Corporation) 64d320c0e301eedc5a4adbbdc5024f7f

C:\Windows\System32\winlogon.exe
[2002-08-29 03:43] - [2004-08-04 00:58] - 0507392 ____A (Microsoft Corporation) 2b6a0baf33a9918f09442d873848ff72

C:\Windows\System32\svchost.exe
[2001-08-18 14:00] - [2004-08-04 00:58] - 0014336 ____A (Microsoft Corporation) 65a819b121eb6fdab4400ea42bdffe64

C:\Windows\System32\services.exe
[2008-10-07 21:41] - [2009-02-09 12:04] - 0111104 ____A (Microsoft Corporation) 65f6b774819bd727358157cedea67b8e

C:\Windows\System32\User32.dll
[2002-08-29 03:43] - [2004-08-04 00:57] - 0578560 ____A (Microsoft Corporation) 56785fd5236d7b22cf471a6da9db46d8

C:\Windows\System32\userinit.exe
[2008-10-07 21:41] - [2004-08-04 00:58] - 0025088 ____A (Microsoft Corporation) d1e53dc57143f2584b1dd53b036c0633

C:\Windows\System32\Drivers\volsnap.sys
[2008-10-07 21:40] - [2004-08-04 00:44] - 0053760 ____A (Microsoft Corporation) d6888520ff56d72a50437e371ca25fc9


==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-09-2013
Ran by Matze at 2013-09-26 15:59:26
Running from C:\Dokumente und Einstellungen\Matze\Desktop\Strecken
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton AntiVirus (Disabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
Adobe Reader 9.5.4 - Deutsch (Version: 9.5.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Aerosoft's - Aerosoft Launcher (Version: 1.1.0.1)
aerosoft's - ICE1 (Version: 1.00)
AiO_Scan (Version: 43.0.217.000)
AMD Catalyst Install Manager (Version: 8.0.873.0)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 1.2.2735.37383)
Aufstieg des Hexenkönigs™
Battlefield 1942
Battlefield 1942: Secret Weapons of WWII
Battlefield 1942: The Road To Rome
Belkin Wireless USB Utility (Version: 6.3.2.16)
Bonjour (Version: 3.0.0.10)
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
Call of Duty: Modern Warfare 3
Call of Duty: Modern Warfare 3 - Dedicated Server
Call of Duty: Modern Warfare 3 - Multiplayer
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2154.37503)
Catalyst Control Center InstallProxy (Version: 2012.0405.2154.37503)
Catalyst Control Center Localization All (Version: 2012.0405.2154.37503)
CCC Help German (Version: 2012.0405.2153.37503)
ccc-utility (Version: 2012.0405.2154.37503)
CDDRV_Installer (Version: 4.60)
COMPUTERBILD App-Center (Version: 1.1.09)
Dell Resource CD (Version: 1.10.0000)
Die Schlacht um Mittelerde™ II
Die Sims
DivX Converter (Version: 6.6.1)
DivX-Setup (Version: 1.0.2.23)
DraftBoard Unlimited 4.5 DE Educational (Version: DraftBoard Unlimited 4.5 DE Educational)
EAX Unified
Euro Truck Simulator 2
Farming Simulator 2013
Free Download Manager 3.9.2
GameShadow (Version: 2.03.0000)
Gemini Wars
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4413.1752)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
GTR CAM-Modul 32Bit EDU (Version: 1.05.0920)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Holzfäller Simulator 2013
Homeworld2
Hotfix für Windows XP (KB914440) (Version: 12)
Hotfix für Windows XP (KB935448) (Version: 1)
Hotfix für Windows XP (KB952287) (Version: 1)
Hotfix für Windows XP (KB961118) (Version: 1)
Hotfix für Windows XP (KB970653-v3) (Version: 3)
Hotfix für Windows XP (KB976098-v2) (Version: 2)
Hotfix für Windows XP (KB979306) (Version: 1)
Hotfix für Windows XP (KB981793) (Version: 1)
HP Image Zone 4.2 (Version: 4.2)
HP PSC & OfficeJet 4.2
I-CAD für DBU 4.55.42 EDU LZ310710 V160707 (Version: 1.00.0002)
ICQ Toolbar (Version: 3.0.0)
ICQ7.4 (Version: 7.4)
Impulse
Impulse (Version: 1.0)
Indeo® Software
iPod Update 2004-04-28 (Version: 1.1)
iTunes (Version: 11.0.0.163)
Java Auto Updater (Version: 2.0.5.1)
Java(TM) 6 Update 26 (Version: 6.0.260)
Java(TM) 6 Update 7 (Version: 1.6.0.70)
KhalInstallWrapper (Version: 4.60.122)
LEGO Digital Designer
Logitech SetPoint (Version: 4.60)
Logitech Updater (Version: 1.70)
MediaBar 2.0 (Version: 2.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Language Pack - DEU
Microsoft .NET Framework 2.0 Language Pack - DEU (Version: 1.1.50727.42)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 German Language Pack
Microsoft .NET Framework 3.0 German Language Pack (Version: 3.0.04506.30)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Games for Windows - LIVE  (Version: 2.0.675.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.673.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6425.1000)
Microsoft Office Word 2003 (Version: 11.0.8173.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MobileMe Control Panel (Version: 3.1.6.0)
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Norton AntiVirus (Version: 21.0.1.3)
Norton Identity Safe (Version: 2014.5.0.67)
NVIDIA Drivers
NVIDIA PhysX (Version: 9.10.0513)
Nvu 1.0 (Version: 1.0)
OMSI - Addon Wien (Version: 1.00)
OMSI - Der Omnibussimulator (Version: 1.06)
Origin (Version: 9.1.10.2728)
Perimeter (Version: 1.00.000)
PoiZone
Protect Disc License Helper 1.0.118 (Version: 1.0.118)
ProtectDisc Driver, Version 11 (Version: 11.0.0.11)
QFolder (Version: 1.00.0000)
QuickTime (Version: 7.69.80.9)
radio_de Toolbar (Version: )
Realtek High Definition Audio Driver (Version: 5.10.0.5548)
RollerCoaster Tycoon 3
Scan (Version: 4.1.0.0)
Ship Simulator Extremes
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2) (Version: 2)
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB969897) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB972260) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB974455) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB976325) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB982381) (Version: 1)
Sicherheitsupdate für Windows Media Player (KB952069)
Sicherheitsupdate für Windows Media Player (KB954155)
Sicherheitsupdate für Windows Media Player (KB968816)
Sicherheitsupdate für Windows Media Player (KB973540)
Sicherheitsupdate für Windows Media Player (KB978695)
Sicherheitsupdate für Windows Media Player (KB979402)
Sicherheitsupdate für Windows Media Player 6.4 (KB925398)
Sicherheitsupdate für Windows Media Player 9 (KB911565)
Sicherheitsupdate für Windows Media Player 9 (KB936782)
Sicherheitsupdate für Windows XP (KB2229593) (Version: 1)
Sicherheitsupdate für Windows XP (KB890046) (Version: 1)
Sicherheitsupdate für Windows XP (KB893756) (Version: 1)
Sicherheitsupdate für Windows XP (KB896358) (Version: 1)
Sicherheitsupdate für Windows XP (KB896423) (Version: 1)
Sicherheitsupdate für Windows XP (KB896424) (Version: 1)
Sicherheitsupdate für Windows XP (KB896428) (Version: 1)
Sicherheitsupdate für Windows XP (KB899587) (Version: 1)
Sicherheitsupdate für Windows XP (KB899591) (Version: 1)
Sicherheitsupdate für Windows XP (KB900725) (Version: 1)
Sicherheitsupdate für Windows XP (KB901017) (Version: 1)
Sicherheitsupdate für Windows XP (KB901214) (Version: 1)
Sicherheitsupdate für Windows XP (KB902400) (Version: 1)
Sicherheitsupdate für Windows XP (KB904706) (Version: 2)
Sicherheitsupdate für Windows XP (KB905414) (Version: 1)
Sicherheitsupdate für Windows XP (KB905749) (Version: 1)
Sicherheitsupdate für Windows XP (KB908519) (Version: 1)
Sicherheitsupdate für Windows XP (KB911562) (Version: 1)
Sicherheitsupdate für Windows XP (KB911927) (Version: 1)
Sicherheitsupdate für Windows XP (KB912919) (Version: 1)
Sicherheitsupdate für Windows XP (KB913580) (Version: 1)
Sicherheitsupdate für Windows XP (KB914388) (Version: 1)
Sicherheitsupdate für Windows XP (KB914389) (Version: 1)
Sicherheitsupdate für Windows XP (KB917344) (Version: 1)
Sicherheitsupdate für Windows XP (KB917422) (Version: 1)
Sicherheitsupdate für Windows XP (KB917953) (Version: 1)
Sicherheitsupdate für Windows XP (KB918118) (Version: 1)
Sicherheitsupdate für Windows XP (KB918439) (Version: 1)
Sicherheitsupdate für Windows XP (KB919007) (Version: 1)
Sicherheitsupdate für Windows XP (KB920213) (Version: 1)
Sicherheitsupdate für Windows XP (KB920670) (Version: 1)
Sicherheitsupdate für Windows XP (KB920683) (Version: 1)
Sicherheitsupdate für Windows XP (KB920685) (Version: 1)
Sicherheitsupdate für Windows XP (KB921398) (Version: 1)
Sicherheitsupdate für Windows XP (KB921883) (Version: 1)
Sicherheitsupdate für Windows XP (KB922616) (Version: 1)
Sicherheitsupdate für Windows XP (KB922819) (Version: 1)
Sicherheitsupdate für Windows XP (KB923191) (Version: 1)
Sicherheitsupdate für Windows XP (KB923414) (Version: 1)
Sicherheitsupdate für Windows XP (KB923561) (Version: 1)
Sicherheitsupdate für Windows XP (KB923980) (Version: 1)
Sicherheitsupdate für Windows XP (KB924191) (Version: 1)
Sicherheitsupdate für Windows XP (KB924270) (Version: 1)
Sicherheitsupdate für Windows XP (KB924496) (Version: 1)
Sicherheitsupdate für Windows XP (KB924667) (Version: 1)
Sicherheitsupdate für Windows XP (KB926255) (Version: 1)
Sicherheitsupdate für Windows XP (KB926436) (Version: 1)
Sicherheitsupdate für Windows XP (KB927779) (Version: 1)
Sicherheitsupdate für Windows XP (KB927802) (Version: 1)
Sicherheitsupdate für Windows XP (KB928255) (Version: 1)
Sicherheitsupdate für Windows XP (KB929123) (Version: 1)
Sicherheitsupdate für Windows XP (KB930178) (Version: 1)
Sicherheitsupdate für Windows XP (KB931261) (Version: 1)
Sicherheitsupdate für Windows XP (KB932168) (Version: 1)
Sicherheitsupdate für Windows XP (KB933729) (Version: 1)
Sicherheitsupdate für Windows XP (KB935839) (Version: 1)
Sicherheitsupdate für Windows XP (KB935840) (Version: 1)
Sicherheitsupdate für Windows XP (KB937894) (Version: 1)
Sicherheitsupdate für Windows XP (KB938464) (Version: 1)
Sicherheitsupdate für Windows XP (KB941569)
Sicherheitsupdate für Windows XP (KB943055) (Version: 1)
Sicherheitsupdate für Windows XP (KB943460) (Version: 1)
Sicherheitsupdate für Windows XP (KB943485) (Version: 1)
Sicherheitsupdate für Windows XP (KB944653) (Version: 1)
Sicherheitsupdate für Windows XP (KB945553) (Version: 1)
Sicherheitsupdate für Windows XP (KB946026) (Version: 1)
Sicherheitsupdate für Windows XP (KB946648) (Version: 1)
Sicherheitsupdate für Windows XP (KB950749) (Version: 1)
Sicherheitsupdate für Windows XP (KB950762) (Version: 1)
Sicherheitsupdate für Windows XP (KB950974) (Version: 1)
Sicherheitsupdate für Windows XP (KB951066) (Version: 1)
Sicherheitsupdate für Windows XP (KB951376-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB951698) (Version: 1)
Sicherheitsupdate für Windows XP (KB951748) (Version: 1)
Sicherheitsupdate für Windows XP (KB952004) (Version: 1)
Sicherheitsupdate für Windows XP (KB952954) (Version: 1)
Sicherheitsupdate für Windows XP (KB953839) (Version: 1)
Sicherheitsupdate für Windows XP (KB954211) (Version: 1)
Sicherheitsupdate für Windows XP (KB954459) (Version: 1)
Sicherheitsupdate für Windows XP (KB954600) (Version: 1)
Sicherheitsupdate für Windows XP (KB955069) (Version: 1)
Sicherheitsupdate für Windows XP (KB956391) (Version: 1)
Sicherheitsupdate für Windows XP (KB956572) (Version: 1)
Sicherheitsupdate für Windows XP (KB956802) (Version: 1)
Sicherheitsupdate für Windows XP (KB956803) (Version: 1)
Sicherheitsupdate für Windows XP (KB956841) (Version: 1)
Sicherheitsupdate für Windows XP (KB956844) (Version: 1)
Sicherheitsupdate für Windows XP (KB957095) (Version: 1)
Sicherheitsupdate für Windows XP (KB957097) (Version: 1)
Sicherheitsupdate für Windows XP (KB958470) (Version: 1)
Sicherheitsupdate für Windows XP (KB958644) (Version: 1)
Sicherheitsupdate für Windows XP (KB958687) (Version: 1)
Sicherheitsupdate für Windows XP (KB958690) (Version: 1)
Sicherheitsupdate für Windows XP (KB958869) (Version: 1)
Sicherheitsupdate für Windows XP (KB959426) (Version: 1)
Sicherheitsupdate für Windows XP (KB960225) (Version: 1)
Sicherheitsupdate für Windows XP (KB960715) (Version: 1)
Sicherheitsupdate für Windows XP (KB960803) (Version: 1)
Sicherheitsupdate für Windows XP (KB960859) (Version: 1)
Sicherheitsupdate für Windows XP (KB961371-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB961373) (Version: 1)
Sicherheitsupdate für Windows XP (KB961501) (Version: 1)
Sicherheitsupdate für Windows XP (KB968537) (Version: 1)
Sicherheitsupdate für Windows XP (KB969059) (Version: 1)
Sicherheitsupdate für Windows XP (KB969898) (Version: 1)
Sicherheitsupdate für Windows XP (KB969947) (Version: 1)
Sicherheitsupdate für Windows XP (KB970238) (Version: 1)
Sicherheitsupdate für Windows XP (KB970430) (Version: 1)
Sicherheitsupdate für Windows XP (KB971032) (Version: 1)
Sicherheitsupdate für Windows XP (KB971468) (Version: 1)
Sicherheitsupdate für Windows XP (KB971486) (Version: 1)
Sicherheitsupdate für Windows XP (KB971557) (Version: 1)
Sicherheitsupdate für Windows XP (KB971633) (Version: 1)
Sicherheitsupdate für Windows XP (KB971657) (Version: 1)
Sicherheitsupdate für Windows XP (KB971961) (Version: 1)
Sicherheitsupdate für Windows XP (KB972270) (Version: 1)
Sicherheitsupdate für Windows XP (KB973346) (Version: 1)
Sicherheitsupdate für Windows XP (KB973354) (Version: 1)
Sicherheitsupdate für Windows XP (KB973507) (Version: 1)
Sicherheitsupdate für Windows XP (KB973525) (Version: 1)
Sicherheitsupdate für Windows XP (KB973869) (Version: 1)
Sicherheitsupdate für Windows XP (KB973904) (Version: 1)
Sicherheitsupdate für Windows XP (KB974112) (Version: 1)
Sicherheitsupdate für Windows XP (KB974318) (Version: 1)
Sicherheitsupdate für Windows XP (KB974392) (Version: 1)
Sicherheitsupdate für Windows XP (KB974571) (Version: 1)
Sicherheitsupdate für Windows XP (KB975025) (Version: 1)
Sicherheitsupdate für Windows XP (KB975467) (Version: 1)
Sicherheitsupdate für Windows XP (KB975560) (Version: 1)
Sicherheitsupdate für Windows XP (KB975561) (Version: 1)
Sicherheitsupdate für Windows XP (KB975562) (Version: 1)
Sicherheitsupdate für Windows XP (KB975713) (Version: 1)
Sicherheitsupdate für Windows XP (KB977816) (Version: 1)
Sicherheitsupdate für Windows XP (KB977914) (Version: 1)
Sicherheitsupdate für Windows XP (KB978037) (Version: 1)
Sicherheitsupdate für Windows XP (KB978262) (Version: 1)
Sicherheitsupdate für Windows XP (KB978338) (Version: 1)
Sicherheitsupdate für Windows XP (KB978542) (Version: 1)
Sicherheitsupdate für Windows XP (KB978601) (Version: 1)
Sicherheitsupdate für Windows XP (KB978706) (Version: 1)
Sicherheitsupdate für Windows XP (KB979309) (Version: 1)
Sicherheitsupdate für Windows XP (KB979482) (Version: 1)
Sicherheitsupdate für Windows XP (KB979559) (Version: 1)
Sicherheitsupdate für Windows XP (KB979683) (Version: 1)
Sicherheitsupdate für Windows XP (KB980195) (Version: 1)
Sicherheitsupdate für Windows XP (KB980218) (Version: 1)
Sicherheitsupdate für Windows XP (KB980232) (Version: 1)
Sicherheitsupdate für Windows XP (KB981349) (Version: 1)
SimCity 3000
SimCity™ (Version: 1.0.0.0)
Skype Toolbars (Version: 5.3.7280)
Skype™ 5.3 (Version: 5.3.111)
Software Informer 1.0 BETA
Star Trek Armada II
Star Trek DAC
Steam (Version: 1.0.0.0)
TES Construction Set
Toxic Biohazard
Train Simulator 2013
TuneUp Utilities 2008 (Version: 7.0.8009)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update für Windows Internet Explorer 7 (KB976749) (Version: 1)
Update für Windows Internet Explorer 7 (KB980182) (Version: 1)
Update für Windows XP (KB894391) (Version: 1)
Update für Windows XP (KB898461) (Version: 1)
Update für Windows XP (KB900485) (Version: 2)
Update für Windows XP (KB904942) (Version: 2)
Update für Windows XP (KB908531) (Version: 2)
Update für Windows XP (KB910437) (Version: 1)
Update für Windows XP (KB911280) (Version: 2)
Update für Windows XP (KB916595) (Version: 1)
Update für Windows XP (KB920872) (Version: 1)
Update für Windows XP (KB922582) (Version: 1)
Update für Windows XP (KB925720) (Version: 1)
Update für Windows XP (KB927891) (Version: 3)
Update für Windows XP (KB930916) (Version: 1)
Update für Windows XP (KB932823-v3) (Version: 3)
Update für Windows XP (KB938828) (Version: 1)
Update für Windows XP (KB951072-v2) (Version: 2)
Update für Windows XP (KB951978) (Version: 1)
Update für Windows XP (KB955759) (Version: 1)
Update für Windows XP (KB955839) (Version: 1)
Update für Windows XP (KB967715) (Version: 1)
Update für Windows XP (KB968389) (Version: 1)
Update für Windows XP (KB971737) (Version: 1)
Update für Windows XP (KB973687) (Version: 1)
Update für Windows XP (KB973815) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Veoh Player (Version: 3.2.0)
VLC media player 0.9.4 (Version: 0.9.4)
Wajam (Version: 1.51)
Warhammer 40,000: Dawn of War II
WebFldrs XP (Version: 9.50.6513)
Windows Communication Foundation Language Pack - DEU (Version: 3.0.04506.30)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803) (Version: 3.1)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Media Format 11 runtime
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows Presentation Foundation Language Pack (DEU) (Version: 3.0.6920.0)
Windows Workflow Foundation DE Language Pack (Version: 3.0.4203.2)
Windows XP-Hotfix - KB873333 (Version: 20050114.005213)
Windows XP-Hotfix - KB873339 (Version: 20041117.092459)
Windows XP-Hotfix - KB885835 (Version: 20041027.181713)
Windows XP-Hotfix - KB885836 (Version: 20041028.173203)
Windows XP-Hotfix - KB886185 (Version: 20041021.090540)
Windows XP-Hotfix - KB887472 (Version: 20041014.162858)
Windows XP-Hotfix - KB888302 (Version: 20041207.111426)
Windows XP-Hotfix - KB891781 (Version: 20050110.165439)
WinRAR
Xfire (remove only)
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0

==================== Restore Points  =========================

30-06-2013 08:49:44 Systemprüfpunkt
01-07-2013 22:49:22 Systemprüfpunkt
05-07-2013 22:17:24 Systemprüfpunkt
06-07-2013 22:19:32 Systemprüfpunkt
13-07-2013 17:46:28 Systemprüfpunkt
18-07-2013 05:54:41 Systemprüfpunkt
22-07-2013 10:16:52 Systemprüfpunkt
23-07-2013 13:17:48 Systemprüfpunkt
24-07-2013 16:18:25 Systemprüfpunkt
25-07-2013 19:56:12 Systemprüfpunkt
26-07-2013 20:30:11 Systemprüfpunkt
30-07-2013 11:47:43 Systemprüfpunkt
31-07-2013 16:38:22 Systemprüfpunkt
04-08-2013 16:09:25 Systemprüfpunkt
05-08-2013 19:44:07 Systemprüfpunkt
06-08-2013 20:58:09 Konfiguriert Battlefield 1942
06-08-2013 21:02:02 Entfernt Dawn of War - Dark Crusade
06-08-2013 21:02:51 Entfernt Dawn of War - Soulstorm
06-08-2013 21:08:08 Warhammer 40,000: Dawn Of War - Gold Edition wird entfernt
06-08-2013 21:09:50 Entfernt Star Wars Battlefront II
06-08-2013 21:14:46 Entfernt Silent Hunter 4 Wolves of the Pacific
24-08-2013 23:41:49 Systemprüfpunkt
26-08-2013 07:55:26 Systemprüfpunkt
27-08-2013 12:16:28 Systemprüfpunkt
29-08-2013 08:59:34 Systemprüfpunkt
30-08-2013 10:55:22 Systemprüfpunkt
31-08-2013 16:16:48 Systemprüfpunkt
01-09-2013 21:24:57 Systemprüfpunkt
07-09-2013 12:13:28 Systemprüfpunkt
14-09-2013 13:24:33 Systemprüfpunkt
15-09-2013 18:07:57 Systemprüfpunkt
17-09-2013 05:40:03 Systemprüfpunkt
18-09-2013 06:45:48 Systemprüfpunkt
19-09-2013 07:52:28 Systemprüfpunkt
20-09-2013 23:33:42 Systemprüfpunkt
21-09-2013 14:29:31 Installiert OMSI - Der Omnibussimulator
21-09-2013 14:40:46 Installiert Aerosoft Launcher
21-09-2013 14:40:56 Installiert Aerosoft Launcher
22-09-2013 14:56:04 Systemprüfpunkt
22-09-2013 21:52:35 Installiert OMSI - Addon Wien
22-09-2013 21:53:43 Installiert Aerosoft Launcher

==================== Hosts content: ==========================

2001-08-18 14:00 - 2001-08-18 14:00 - 00000820 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\1-Klick-Wartung.job => I:\Programme\TuneUp Utilities 2008\OneClickStarter.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{FEBE2AF1-AEED-4FE1-902E-2AC8AC068CA9}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2009-10-11 13:53 - 2008-07-18 15:05 - 00028416 _____ (TuneUp Software GmbH) c:\windows\system32\uxtuneup.dll
2004-06-22 05:57 - 2004-06-22 05:57 - 00180315 _____ (HP) C:\WINDOWS\system32\hpzsnt10.dll
2009-06-22 18:12 - 2007-04-09 13:23 - 00028552 _____ (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
2009-11-13 21:51 - 2008-07-06 14:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll
2009-02-27 17:41 - 2009-02-27 17:41 - 00311296 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
2010-06-03 13:45 - 2010-06-03 13:45 - 00053024 _____ (Open Source Software community project) C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\pthreadVC2.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
2001-08-18 14:00 - 2001-08-18 14:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mui\0007\HHCTRLui.dll
2005-10-28 11:13 - 2005-10-28 11:13 - 00167936 _____ () I:\Programme\Belkin\USB F5D7050\Wireless Utility\BelkinwcuiDLL.dll
2005-12-02 21:53 - 2005-12-02 21:53 - 00237568 _____ () I:\Programme\Belkin\USB F5D7050\Wireless Utility\BlkwcapiZU.DLL
2005-11-01 17:36 - 2005-11-01 17:36 - 00045056 _____ () I:\Programme\Belkin\USB F5D7050\Wireless Utility\ZDWLAN.dll
2005-03-19 00:24 - 2005-03-19 00:24 - 00102400 _____ (Printing Communications Assoc., Inc. (PCAUSA)) I:\Programme\Belkin\USB F5D7050\Wireless Utility\W32N55.dll
2005-09-21 21:39 - 2005-09-21 21:39 - 00212992 _____ () I:\Programme\Belkin\USB F5D7050\Wireless Utility\dot1x_dll.dll
2004-03-05 15:00 - 2004-03-05 15:00 - 00155648 _____ () I:\Programme\Belkin\USB F5D7050\Wireless Utility\SSLEAY32.dll
2004-03-05 15:00 - 2004-03-05 15:00 - 00827392 _____ () I:\Programme\Belkin\USB F5D7050\Wireless Utility\LIBEAY32.dll
2005-10-28 11:13 - 2005-10-28 11:13 - 00061440 _____ () I:\Programme\Belkin\USB F5D7050\Wireless Utility\BelkinHWStatus.dll
2008-07-13 16:40 - 2008-05-02 03:40 - 00084496 _____ (Logitech, Inc.) C:\WINDOWS\system32\KemXML.dll
2008-07-13 16:40 - 2008-05-02 03:39 - 00170512 _____ (Logitech, Inc.) C:\WINDOWS\system32\kemutb.dll
2008-07-13 16:40 - 2008-05-02 03:39 - 00145936 _____ (Logitech, Inc.) C:\WINDOWS\system32\KemUtil.dll
2008-07-13 16:40 - 2008-05-02 03:40 - 00117264 _____ (Logitech, Inc.) C:\WINDOWS\system32\KemWnd.dll
2008-10-03 20:21 - 2010-09-06 19:56 - 01048888 _____ (ICQ) C:\Programme\ICQ6Toolbar\ICQToolBar.dll
2008-10-03 20:12 - 2006-10-10 11:18 - 00701952 _____ (IE Toolbar) I:\Programme\ICQToolbar\toolbaru.dll
2008-09-02 16:05 - 2008-09-02 16:05 - 00398776 _____ () C:\Programme\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
2013-09-11 12:21 - 2013-09-11 12:21 - 00226592 _____ (Conduit Ltd.) C:\Programme\radio_de\prxtbrad2.dll
2013-09-11 12:21 - 2013-09-11 12:21 - 00333088 _____ (Conduit Ltd.) C:\Dokumente und Einstellungen\Matze\Lokale Einstellungen\Anwendungsdaten\radio_de\ldrtbrad2.dll
2013-09-11 12:21 - 2013-09-11 12:21 - 05165344 _____ (Conduit Ltd.) C:\Dokumente und Einstellungen\Matze\Lokale Einstellungen\Anwendungsdaten\radio_de\tbrad2.dll
2013-09-11 12:21 - 2013-09-11 12:21 - 01058080 _____ (Conduit Ltd.) C:\Dokumente und Einstellungen\Matze\Lokale Einstellungen\Anwendungsdaten\radio_de\hktbrad2.dll
2013-01-03 22:36 - 2013-01-03 22:36 - 00297056 _____ (Wajam) C:\Programme\Wajam\IE\priam_bho.dll
2011-04-15 16:39 - 2011-04-15 16:39 - 01164680 _____ (Skype Technologies S.A.) C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
2010-01-09 14:16 - 2013-03-11 12:35 - 00365056 _____ (FreeDownloadManager.ORG) C:\Programme\Free Download Manager\iefdm2.dll
2013-08-26 07:48 - 2013-01-11 03:17 - 00105984 _____ () C:\Programme\Free Download Manager\fdmumsp.dll
2013-08-26 07:48 - 2013-03-11 12:35 - 00611328 _____ ( ) C:\Programme\Free Download Manager\flvsniff.dll
2011-05-02 14:04 - 2011-09-16 07:37 - 00638560 _____ (Conduit Ltd.) C:\Programme\Conduit\Community Alerts\Alert1.dll
2013-04-17 14:25 - 2013-04-17 14:25 - 00463416 _____ (PriceGong) C:\Dokumente und Einstellungen\Matze\Lokale Einstellungen\Anwendungsdaten\radio_de\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll
2011-04-15 16:39 - 2011-04-15 16:39 - 04400520 _____ (Skype Technologies S.A.) C:\Programme\Skype\Toolbars\Shared\SkypePnr.dll
2012-02-18 15:12 - 2012-02-18 15:12 - 08627360 ____R (Adobe Systems, Inc.) C:\WINDOWS\system32\Macromed\Flash\Flash11c.ocx
2010-01-09 14:16 - 2013-03-11 12:35 - 00397312 _____ () C:\Programme\Free Download Manager\iefdmdm.dll
2010-01-09 14:43 - 2013-01-11 03:22 - 03547136 _____ () C:\Programme\Free Download Manager\fdmbtsupp.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5} => ""=""

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: NVIDIA nForce Networking Controller #2
Description: NVIDIA nForce Networking Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: NVIDIA
Service: NVENETFD
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/26/2013 03:49:47 PM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Error: (09/26/2013 03:49:47 PM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Error: (09/26/2013 03:49:47 PM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Error: (09/26/2013 03:49:47 PM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Error: (09/24/2013 01:54:15 AM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Error: (09/24/2013 01:54:15 AM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Error: (09/24/2013 01:54:15 AM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Error: (09/24/2013 01:54:15 AM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Error: (09/24/2013 00:04:14 AM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.

Error: (09/24/2013 00:04:14 AM) (Source: Userenv) (User: NT-AUTORITÄT)
Description: Der Registrierungseintrag DllName konnte für "{7B849a69-220F-451E-B3FE-2CB811AF94AE}" nicht abgerufen und daher auch nicht geladen werden. Dies wurde wahrscheinlich durch eine fehlerhafte Registrierung verursacht.


System errors:
=============
Error: (09/26/2013 03:51:22 PM) (Source: Windows Update Agent) (User: )
Description: Verbindung nicht möglich: Es konnte keine Verbindung mit dem Dienst "Automatische Updates" hergestellt werden, daher können Updates nicht nach dem angegebenen Zeitplan heruntergeladen und installiert werden. Es wird weiterhin versucht, eine Verbindung herzustellen.

Error: (09/26/2013 03:49:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Upload-Manager" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079

Error: (09/24/2013 00:04:17 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Upload-Manager" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079

Error: (09/23/2013 08:17:09 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Upload-Manager" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079

Error: (09/22/2013 08:05:50 AM) (Source: Windows Update Agent) (User: )
Description: Verbindung nicht möglich: Es konnte keine Verbindung mit dem Dienst "Automatische Updates" hergestellt werden, daher können Updates nicht nach dem angegebenen Zeitplan heruntergeladen und installiert werden. Es wird weiterhin versucht, eine Verbindung herzustellen.

Error: (09/22/2013 08:04:30 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Upload-Manager" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079

Error: (09/20/2013 11:52:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Upload-Manager" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079

Error: (09/18/2013 07:52:42 AM) (Source: Windows Update Agent) (User: )
Description: Verbindung nicht möglich: Es konnte keine Verbindung mit dem Dienst "Automatische Updates" hergestellt werden, daher können Updates nicht nach dem angegebenen Zeitplan heruntergeladen und installiert werden. Es wird weiterhin versucht, eine Verbindung herzustellen.

Error: (09/18/2013 07:50:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Upload-Manager" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079

Error: (09/17/2013 07:23:20 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Upload-Manager" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1079


Microsoft Office Sessions:
=========================
Error: (09/26/2013 03:49:47 PM) (Source: Userenv)(User: NT-AUTORITÄT)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (09/26/2013 03:49:47 PM) (Source: Userenv)(User: NT-AUTORITÄT)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (09/26/2013 03:49:47 PM) (Source: Userenv)(User: NT-AUTORITÄT)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (09/26/2013 03:49:47 PM) (Source: Userenv)(User: NT-AUTORITÄT)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (09/24/2013 01:54:15 AM) (Source: Userenv)(User: NT-AUTORITÄT)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (09/24/2013 01:54:15 AM) (Source: Userenv)(User: NT-AUTORITÄT)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (09/24/2013 01:54:15 AM) (Source: Userenv)(User: NT-AUTORITÄT)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (09/24/2013 01:54:15 AM) (Source: Userenv)(User: NT-AUTORITÄT)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (09/24/2013 00:04:14 AM) (Source: Userenv)(User: NT-AUTORITÄT)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (09/24/2013 00:04:14 AM) (Source: Userenv)(User: NT-AUTORITÄT)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}


==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 3582.42 MB
Available physical RAM: 2806.91 MB
Total Pagefile: 5468.09 MB
Available Pagefile: 4796.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1940.89 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:436.17 GB) (Free:188.64 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (The Sims) (CDROM) (Total:0.46 GB) (Free:0 GB) CDFS
Drive h: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.23 GB) NTFS
Drive i: (Programme) (Fixed) (Total:19.53 GB) (Free:1.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 80000000)
Partition 1: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)
Partition 3: (Active) - (Size=436 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Ich hoffe es ist nichts zu finden.

Gruß
Nigi

schrauber 26.09.2013 20:01
Der erste Rechner, bitte FRST öffnen, Haken setzen bei Additional und scanne, poste beide Logfiles.

Nigi 26.09.2013 20:56
Hallo Schrauber,

hier nochmal die FRST LOGS von meinem Rechner,


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2013
Ran by Stelljes (administrator) on STELLJES-PC on 26-09-2013 22:02:00
Running from C:\Users\Stelljes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZZEEPUJJ
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKWCtlX64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Common Files\NMSAccessU.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Acer) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Google) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVK.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-18] (Google Inc.)
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe [1444304 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [G Data ASM] - C:\Program Files (x86)\G Data\AntiVirus\DelayLoader\AutorunDelayLoader.exe [472016 2013-02-25] (G Data Software AG)
HKLM-x32\...\Run: [CanonQuickMenu] - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome:
=======
CHR DefaultSearchURL: (qvo6) - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=3219913727_67194_F62EAFE5&ts=1379617033&type=default&q={searchTerms}
CHR DefaultSuggestURL: (qvo6) -      "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U39) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Move Media Player 7) - C:\Users\Stelljes\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
CHR Plugin: (Java Deployment Toolkit 6.0.390.4) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Chrome In-App Payments service) - C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2

==================== Services (Whitelisted) =================

R2 AVKProxy; C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe [1957840 2013-03-22] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635344 2013-02-25] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKWCtlX64.exe [2555360 2013-06-21] (G Data Software AG)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-05-29] ()
R3 GDScan; C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe [696808 2013-02-25] (G Data Software AG)
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 NMSAccessU; C:\Program Files (x86)\Common Files\NMSAccessU.exe [65536 2007-01-25] ()
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-05-29] ()
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-06-13] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
S3 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [x]

==================== Drivers (Whitelisted) ====================

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-06-08] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-06-08] (G Data Software AG)
S3 GdNetMon; C:\Windows\system32\drivers\GdNetMon64.sys [31608 2011-11-26] (G Data Software AG)
S3 GdNetMon; C:\Windows\system32\drivers\GdNetMon64.sys [31608 2011-11-26] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [62808 2013-05-17] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-06-27] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [107128 2013-08-24] (G Data Software)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [107128 2013-08-24] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-06-08] (G Data Software AG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-03-20] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-03-20] (RapidSolution Software AG)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-01] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-01] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-25 19:24 - 2013-09-25 19:24 - 00002303 _____ C:\Users\Public\Desktop\Die Schlacht um Mittelerde™ II.lnk
2013-09-25 12:22 - 2013-09-25 12:22 - 00048125 _____ C:\Users\Stelljes\Desktop\FRST.txt
2013-09-25 09:55 - 2013-09-25 09:56 - 00448512 _____ (OldTimer Tools) C:\Users\Stelljes\Downloads\TFC.exe
2013-09-24 20:50 - 2013-09-24 20:50 - 00000000 ____D C:\ProgramData\Oracle
2013-09-24 20:30 - 2013-09-24 20:30 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-24 20:30 - 2013-09-24 20:30 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-24 20:21 - 2013-09-24 20:21 - 00913832 _____ (Oracle Corporation) C:\Users\Stelljes\Downloads\chromeinstall-7u40.exe
2013-09-24 15:04 - 2013-09-24 15:04 - 00000157 _____ C:\Users\Stelljes\Desktop\2. Meldung vom G-Data.txt
2013-09-24 15:02 - 2013-09-24 15:02 - 00000820 _____ C:\Users\Stelljes\Desktop\Meldung vom G-Data.txt
2013-09-23 21:13 - 2013-09-23 21:13 - 00027799 _____ C:\Users\Stelljes\Desktop\Addition.txt
2013-09-23 20:52 - 2013-09-23 20:52 - 00891144 _____ C:\Users\Stelljes\Downloads\SecurityCheck.exe
2013-09-23 16:18 - 2013-09-23 16:18 - 02347384 _____ (ESET) C:\Users\Stelljes\Downloads\esetsmartinstaller_enu.exe
2013-09-22 21:36 - 2013-09-22 21:36 - 00053783 _____ C:\Users\Stelljes\Downloads\FRST.txt
2013-09-22 21:29 - 2013-09-22 21:29 - 00001276 _____ C:\Users\Stelljes\Desktop\JRT.txt
2013-09-22 21:20 - 2013-09-22 21:20 - 00000000 ____D C:\Windows\ERUNT
2013-09-22 21:19 - 2013-09-22 21:19 - 01030038 _____ (Thisisu) C:\Users\Stelljes\Downloads\JRT.exe
2013-09-22 21:06 - 2013-09-22 21:10 - 00000000 ____D C:\AdwCleaner
2013-09-22 20:59 - 2013-09-22 20:59 - 01039554 _____ C:\Users\Stelljes\Downloads\adwcleaner.exe
2013-09-22 20:34 - 2013-09-22 20:34 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-22 20:34 - 2013-09-22 20:34 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\Malwarebytes
2013-09-22 20:34 - 2013-09-22 20:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-22 20:34 - 2013-09-22 20:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-22 20:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-22 20:28 - 2013-09-22 20:30 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Stelljes\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-22 13:24 - 2013-09-22 13:24 - 00067487 _____ C:\ComboFix.txt
2013-09-22 13:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-22 13:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-22 13:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-22 13:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-22 13:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-22 13:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-22 13:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-22 13:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-22 13:09 - 2013-09-22 13:24 - 00000000 ____D C:\Qoobox
2013-09-22 13:01 - 2013-09-22 13:23 - 00000000 ____D C:\Windows\erdnt
2013-09-22 13:00 - 2013-09-22 13:01 - 05129542 ____R (Swearware) C:\Users\Stelljes\Downloads\ComboFix (1).exe
2013-09-22 12:59 - 2013-09-22 13:00 - 05129542 ____R (Swearware) C:\Users\Stelljes\Downloads\ComboFix.exe
2013-09-20 21:50 - 2013-09-21 10:24 - 00027927 _____ C:\Users\Stelljes\Downloads\Addition.txt
2013-09-20 20:22 - 2013-09-20 20:22 - 00000000 ____D C:\FRST
2013-09-20 19:59 - 2013-09-20 19:59 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-09-20 19:17 - 2013-09-20 19:17 - 00000478 _____ C:\Users\Stelljes\Downloads\defogger_disable.log
2013-09-20 19:17 - 2013-09-20 19:17 - 00000000 _____ C:\Users\Stelljes\defogger_reenable
2013-09-20 19:16 - 2013-09-20 19:16 - 00050477 _____ C:\Users\Stelljes\Downloads\Defogger.exe
2013-09-20 18:51 - 2013-09-20 18:51 - 00377856 _____ C:\Users\Stelljes\Downloads\gmer_2.1.19163.exe
2013-09-19 20:59 - 2013-09-19 20:59 - 22416432 _____ (Mozilla) C:\Users\Stelljes\Downloads\firefox23_setup [1].exe
2013-09-19 20:59 - 2013-09-19 20:59 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\0F0W0T1V0D0L0M
2013-09-19 18:29 - 2013-09-24 14:25 - 00001917 _____ C:\ProgramData\8e0b13c8-ace2-4474-91ca-5e636b42474c
2013-09-19 18:26 - 2013-09-19 20:45 - 00000000 ____D C:\ProgramData\a03b10e9-3d08-46de-8fbe-f4f2ae2105b2
2013-09-13 03:26 - 2013-09-26 21:57 - 00001120 _____ C:\Windows\setupact.log
2013-09-13 03:26 - 2013-09-13 03:26 - 00000000 _____ C:\Windows\setuperr.log
2013-09-13 03:07 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-13 03:07 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-13 03:07 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-13 03:07 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-13 03:07 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-13 03:07 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-13 03:07 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-13 03:07 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-13 03:07 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-13 03:07 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-13 03:07 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-13 03:07 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-13 03:07 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-13 03:07 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-13 03:07 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-13 03:07 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-13 03:07 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-13 03:07 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-13 03:07 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-13 03:07 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 22:17 - 2013-09-12 22:17 - 00000000 ____D C:\Users\Stelljes\AppData\Local\G DATA
2013-09-12 21:18 - 2013-09-12 21:19 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\Ziep
2013-09-12 21:18 - 2013-09-12 21:19 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\Anhia
2013-09-12 21:04 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 21:04 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 21:04 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 21:04 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 21:04 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 21:04 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 21:04 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 21:04 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 21:04 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 21:04 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 21:04 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 21:04 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 21:04 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 21:04 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 21:04 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 21:04 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 21:04 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 21:04 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 21:04 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 21:04 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 21:04 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 21:04 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 21:03 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 21:03 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 21:03 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 21:03 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 21:03 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-11 18:55 - 2013-09-11 18:55 - 00034816 _____ C:\Users\Stelljes\Downloads\=_utf-8_Q_=C3=9Cbungsleiterinnenver_=  =_utf-8_Q_trag=5FFrau=5FBuske.doc_=
2013-09-08 13:07 - 2013-09-08 13:07 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\NVIDIA
2013-09-08 13:06 - 2013-09-08 13:07 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\DivX
2013-09-08 13:03 - 2013-09-08 13:03 - 00000000 ____D C:\Users\Stelljes\AppData\Local\DDMSettings
2013-09-08 13:01 - 2013-09-08 13:01 - 00001627 _____ C:\Users\Stelljes\Desktop\DivX Movies.lnk
2013-09-08 13:01 - 2013-09-08 13:01 - 00001124 _____ C:\Users\Public\Desktop\DivX Player.lnk
2013-09-08 13:00 - 2013-09-08 13:00 - 00001139 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2013-09-08 13:00 - 2013-09-08 13:00 - 00000000 ____D C:\Program Files\DivX
2013-09-08 12:45 - 2013-09-08 13:01 - 00000000 ____D C:\Program Files (x86)\DivX
2013-09-08 12:44 - 2013-09-08 13:01 - 00000000 ____D C:\ProgramData\DivX
2013-09-08 12:44 - 2013-09-08 12:44 - 00993600 _____ (DivX, LLC) C:\Users\Stelljes\Downloads\DivXInstaller.exe
2013-09-08 12:42 - 2013-09-08 12:42 - 00000000 ____D C:\Users\Stelljes\Desktop\Marcel

==================== One Month Modified Files and Folders =======

2013-09-26 22:00 - 2009-09-04 10:48 - 01070866 _____ C:\Windows\WindowsUpdate.log
2013-09-26 21:59 - 2010-10-07 21:27 - 00000000 ____D C:\Users\Stelljes\Tracing
2013-09-26 21:57 - 2013-09-13 03:26 - 00001120 _____ C:\Windows\setupact.log
2013-09-26 21:57 - 2010-01-26 21:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-26 21:57 - 2009-09-04 10:52 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-26 21:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-26 16:12 - 2010-01-26 21:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-26 16:00 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-26 16:00 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-25 21:22 - 2012-10-18 07:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-25 19:24 - 2013-09-25 19:24 - 00002303 _____ C:\Users\Public\Desktop\Die Schlacht um Mittelerde™ II.lnk
2013-09-25 19:24 - 2009-09-04 10:59 - 00197293 _____ C:\Windows\DirectX.log
2013-09-25 12:22 - 2013-09-25 12:22 - 00048125 _____ C:\Users\Stelljes\Desktop\FRST.txt
2013-09-25 12:16 - 2009-11-04 17:42 - 00022962 _____ C:\Users\Stelljes\AppData\Roaming\wklnhst.dat
2013-09-25 12:03 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-09-25 09:56 - 2013-09-25 09:55 - 00448512 _____ (OldTimer Tools) C:\Users\Stelljes\Downloads\TFC.exe
2013-09-24 20:50 - 2013-09-24 20:50 - 00000000 ____D C:\ProgramData\Oracle
2013-09-24 20:30 - 2013-09-24 20:30 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-24 20:30 - 2013-09-24 20:30 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-24 20:30 - 2013-02-10 17:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-24 20:30 - 2013-02-10 17:49 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-24 20:30 - 2012-09-07 20:28 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-24 20:30 - 2012-07-31 14:07 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-09-24 20:30 - 2012-07-31 14:06 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-24 20:21 - 2013-09-24 20:21 - 00913832 _____ (Oracle Corporation) C:\Users\Stelljes\Downloads\chromeinstall-7u40.exe
2013-09-24 15:04 - 2013-09-24 15:04 - 00000157 _____ C:\Users\Stelljes\Desktop\2. Meldung vom G-Data.txt
2013-09-24 15:02 - 2013-09-24 15:02 - 00000820 _____ C:\Users\Stelljes\Desktop\Meldung vom G-Data.txt
2013-09-24 14:25 - 2013-09-19 18:29 - 00001917 _____ C:\ProgramData\8e0b13c8-ace2-4474-91ca-5e636b42474c
2013-09-24 14:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-09-23 21:43 - 2013-06-28 21:27 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0 S-Edition
2013-09-23 21:13 - 2013-09-23 21:13 - 00027799 _____ C:\Users\Stelljes\Desktop\Addition.txt
2013-09-23 20:52 - 2013-09-23 20:52 - 00891144 _____ C:\Users\Stelljes\Downloads\SecurityCheck.exe
2013-09-23 16:20 - 2009-08-24 19:33 - 00654150 _____ C:\Windows\system32\perfh007.dat
2013-09-23 16:20 - 2009-08-24 19:33 - 00130022 _____ C:\Windows\system32\perfc007.dat
2013-09-23 16:20 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-23 16:18 - 2013-09-23 16:18 - 02347384 _____ (ESET) C:\Users\Stelljes\Downloads\esetsmartinstaller_enu.exe
2013-09-23 14:54 - 2009-12-23 23:55 - 00000000 ____D C:\Users\Stelljes\Documents\Claudia
2013-09-22 21:36 - 2013-09-22 21:36 - 00053783 _____ C:\Users\Stelljes\Downloads\FRST.txt
2013-09-22 21:29 - 2013-09-22 21:29 - 00001276 _____ C:\Users\Stelljes\Desktop\JRT.txt
2013-09-22 21:20 - 2013-09-22 21:20 - 00000000 ____D C:\Windows\ERUNT
2013-09-22 21:19 - 2013-09-22 21:19 - 01030038 _____ (Thisisu) C:\Users\Stelljes\Downloads\JRT.exe
2013-09-22 21:10 - 2013-09-22 21:06 - 00000000 ____D C:\AdwCleaner
2013-09-22 21:10 - 2013-02-13 18:50 - 00001298 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-22 21:10 - 2009-10-30 18:27 - 00001013 _____ C:\Users\Stelljes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-22 21:04 - 2009-08-18 03:26 - 00799616 _____ C:\Windows\PFRO.log
2013-09-22 20:59 - 2013-09-22 20:59 - 01039554 _____ C:\Users\Stelljes\Downloads\adwcleaner.exe
2013-09-22 20:34 - 2013-09-22 20:34 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-22 20:34 - 2013-09-22 20:34 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\Malwarebytes
2013-09-22 20:34 - 2013-09-22 20:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-22 20:34 - 2013-09-22 20:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-22 20:30 - 2013-09-22 20:28 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Stelljes\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-22 13:24 - 2013-09-22 13:24 - 00067487 _____ C:\ComboFix.txt
2013-09-22 13:24 - 2013-09-22 13:09 - 00000000 ____D C:\Qoobox
2013-09-22 13:24 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-09-22 13:23 - 2013-09-22 13:01 - 00000000 ____D C:\Windows\erdnt
2013-09-22 13:22 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-09-22 13:01 - 2013-09-22 13:00 - 05129542 ____R (Swearware) C:\Users\Stelljes\Downloads\ComboFix (1).exe
2013-09-22 13:00 - 2013-09-22 12:59 - 05129542 ____R (Swearware) C:\Users\Stelljes\Downloads\ComboFix.exe
2013-09-21 10:24 - 2013-09-20 21:50 - 00027927 _____ C:\Users\Stelljes\Downloads\Addition.txt
2013-09-21 00:26 - 2012-10-18 07:25 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-21 00:25 - 2012-07-06 20:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-21 00:25 - 2011-06-15 14:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 20:22 - 2013-09-20 20:22 - 00000000 ____D C:\FRST
2013-09-20 19:59 - 2013-09-20 19:59 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-09-20 19:59 - 2013-08-25 20:03 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-09-20 19:17 - 2013-09-20 19:17 - 00000478 _____ C:\Users\Stelljes\Downloads\defogger_disable.log
2013-09-20 19:17 - 2013-09-20 19:17 - 00000000 _____ C:\Users\Stelljes\defogger_reenable
2013-09-20 19:17 - 2009-10-30 18:26 - 00000000 ____D C:\Users\Stelljes
2013-09-20 19:16 - 2013-09-20 19:16 - 00050477 _____ C:\Users\Stelljes\Downloads\Defogger.exe
2013-09-20 18:51 - 2013-09-20 18:51 - 00377856 _____ C:\Users\Stelljes\Downloads\gmer_2.1.19163.exe
2013-09-19 20:59 - 2013-09-19 20:59 - 22416432 _____ (Mozilla) C:\Users\Stelljes\Downloads\firefox23_setup [1].exe
2013-09-19 20:59 - 2013-09-19 20:59 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\0F0W0T1V0D0L0M
2013-09-19 20:45 - 2013-09-19 18:26 - 00000000 ____D C:\ProgramData\a03b10e9-3d08-46de-8fbe-f4f2ae2105b2
2013-09-18 04:36 - 2013-08-25 20:03 - 00000000 ___HD C:\ProgramData\CanonIJScan
2013-09-18 04:36 - 2010-02-08 11:41 - 00000000 ____D C:\Users\Stelljes\Documents\S2
2013-09-18 04:36 - 2010-02-08 11:34 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-09-18 04:36 - 2010-02-08 11:30 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-09-18 04:36 - 2009-11-01 15:56 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
2013-09-18 04:36 - 2009-11-01 14:20 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-09-18 04:36 - 2009-10-30 18:26 - 00000000 ____D C:\Program Files (x86)\OEM
2013-09-18 04:36 - 2009-08-18 04:01 - 00000000 ____D C:\ProgramData\Symantec
2013-09-18 04:36 - 2009-08-18 03:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-18 04:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\spool
2013-09-18 04:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-13 04:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-13 03:27 - 2009-10-30 18:27 - 00000000 ___RD C:\Users\Stelljes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 03:27 - 2009-10-30 18:27 - 00000000 ___RD C:\Users\Stelljes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 03:26 - 2013-09-13 03:26 - 00000000 _____ C:\Windows\setuperr.log
2013-09-13 03:26 - 2009-07-14 06:45 - 00381560 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 03:07 - 2013-08-23 20:02 - 00000000 ____D C:\Windows\system32\MRT
2013-09-13 03:05 - 2009-11-03 19:07 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-13 03:04 - 2009-08-18 03:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 22:17 - 2013-09-12 22:17 - 00000000 ____D C:\Users\Stelljes\AppData\Local\G DATA
2013-09-12 21:19 - 2013-09-12 21:18 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\Ziep
2013-09-12 21:19 - 2013-09-12 21:18 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\Anhia
2013-09-11 18:55 - 2013-09-11 18:55 - 00034816 _____ C:\Users\Stelljes\Downloads\=_utf-8_Q_=C3=9Cbungsleiterinnenver_=  =_utf-8_Q_trag=5FFrau=5FBuske.doc_=
2013-09-08 13:18 - 2009-10-30 18:27 - 00088408 _____ C:\Users\Stelljes\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-08 13:07 - 2013-09-08 13:07 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\NVIDIA
2013-09-08 13:07 - 2013-09-08 13:06 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\DivX
2013-09-08 13:03 - 2013-09-08 13:03 - 00000000 ____D C:\Users\Stelljes\AppData\Local\DDMSettings
2013-09-08 13:01 - 2013-09-08 13:01 - 00001627 _____ C:\Users\Stelljes\Desktop\DivX Movies.lnk
2013-09-08 13:01 - 2013-09-08 13:01 - 00001124 _____ C:\Users\Public\Desktop\DivX Player.lnk
2013-09-08 13:01 - 2013-09-08 12:45 - 00000000 ____D C:\Program Files (x86)\DivX
2013-09-08 13:01 - 2013-09-08 12:44 - 00000000 ____D C:\ProgramData\DivX
2013-09-08 13:00 - 2013-09-08 13:00 - 00001139 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2013-09-08 13:00 - 2013-09-08 13:00 - 00000000 ____D C:\Program Files\DivX
2013-09-08 12:44 - 2013-09-08 12:44 - 00993600 _____ (DivX, LLC) C:\Users\Stelljes\Downloads\DivXInstaller.exe
2013-09-08 12:42 - 2013-09-08 12:42 - 00000000 ____D C:\Users\Stelljes\Desktop\Marcel
2013-09-08 12:40 - 2012-06-24 13:49 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software

Some content of TEMP:
====================
C:\Users\Stelljes\AppData\Local\Temp\AutoRun.exe
C:\Users\Stelljes\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Stelljes\AppData\Local\Temp\extra_uninst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 00:19

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2013
Ran by Stelljes at 2013-09-26 22:04:07
Running from C:\Users\Stelljes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZZEEPUJJ
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data AntiVirus 2014 (Enabled - Up to date) {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
AS: G Data AntiVirus 2014 (Enabled - Up to date) {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
7-Zip 9.22beta (x32)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1.3)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Alice Greenfingers (x32)
Amazon MP3-Downloader 1.0.9 (x32)
Amazonia (x32)
Apple Software Update (x32 Version: 2.1.1.116)
Audials (x32 Version: 9.1.13600.0)
Aufstieg des Hexenkönigs™ (x32)
Autodesk DWF Viewer (x32 Version: 4.1)
Blue Byte Game Channel (x32)
Canon Easy-WebPrint EX (x32 Version: 1.3.5.0)
Canon IJ Scan Utility (x32)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32 Version: 4.0.0)
Canon MG2200 series Benutzerregistrierung (x32)
Canon MG2200 series MP Drivers (Version: 1.00)
Canon MG2200 series On-screen Manual (x32 Version: 7.5.0)
Canon My Image Garden (x32 Version: 1.0.0)
Canon My Image Garden Design Files (x32 Version: 1.0.0)
Canon My Printer (x32 Version: 3.0.0)
Canon Quick Menu (x32 Version: 2.0.0)
Chicken Invaders 2 (x32)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
Dairy Dash (x32)
Die Schlacht um Mittelerde™ II (x32)
DIE SIEDLER - Das Erbe der Könige (x32 Version: 1.00.0000)
Die Siedler II - Die nächste Generation (x32)
Die Siedler IV (x32)
DivX-Setup (x32 Version: 2.6.1.84)
Dream Day First Home (x32)
eBay Worldwide (x32 Version: 2.1.0703)
Farm Frenzy 2 (x32)
G Data AntiVirus 2014 (x32 Version: 24.0.2.4)
Google Chrome (x32 Version: 29.0.1547.76)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)
Granny In Paradise (x32)
Heroes of Hellas (x32)
High-Definition Video Playback (x32 Version: 11.1.11500.4.273)
Identity Card (x32 Version: 1.00.3001)
ImagXpress (x32 Version: 7.0.74.0)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 39 (x32 Version: 6.0.390)
Junk Mail filter update (x32 Version: 14.0.8117.416)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Media Go (x32 Version: 1.4.269)
Merriam Websters Spell Jam (x32)
Metaboli (x32 Version: 1.00.0006)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32)
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Works (x32 Version: 9.7.0621)
Move Media Player (HKCU)
Mozilla Firefox Packages (HKCU)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyPhoneExplorer (x32 Version: 1.8.4)
Nero 11 (x32 Version: 11.2.00900)
Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0)
Nero 11 Effects Basic (x32 Version: 11.0.11400.14.0)
Nero 11 Image Samples (x32 Version: 11.0.11200.12.0)
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0)
Nero 11 PiP Effects Basic (x32 Version: 11.0.11400.14.0)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0)
Nero BackItUp 11 (x32 Version: 6.2.18400.2.100)
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10400)
Nero Backup Drivers (Version: 1.0.11100.8.0)
Nero Burning ROM 11 (x32 Version: 11.2.10300.0.0)
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300)
Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27)
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Core Components 11 (x32 Version: 11.0.16300.1.23)
Nero CoverDesigner 11 (x32 Version: 6.0.11000.13.100)
Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Express 11 (x32 Version: 11.2.10300.0.0)
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Kwik Media (x32 Version: 1.14.11600.19.100)
Nero Kwik Media Help (CHM) (x32 Version: 11.0.10300)
Nero Recode 11 (x32 Version: 5.2.10900.0.0)
Nero Recode 11 Help (CHM) (x32 Version: 11.0.10500)
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400)
Nero SharedVideoCodecs (x32 Version: 1.0.11500.1.5)
Nero SoundTrax 11 (x32 Version: 5.0.10700.6.100)
Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400)
Nero Update (x32 Version: 11.0.11500.28.0)
Nero Video 11 (x32 Version: 8.2.15700.3.100)
Nero Video 11 Help (CHM) (x32 Version: 11.0.10300)
Nero WaveEditor 11 (x32 Version: 6.2.11300.0.100)
Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400)
nero.prerequisites.msi (x32 Version: 11.0.20010)
neroxml (x32 Version: 1.0.0)
Norton Online Backup (x32 Version: 1.2.0.36)
Numedia CD-DVD writing as non-admin user (x32 Version: 1.0.0)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Drivers (Version: 1.7)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7308)
NVIDIA ForceWare Network Access Manager (x32)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Packard Bell GameZone Console (x32 Version: 5.1.2.3)
Packard Bell InfoCentre (x32 Version: 3.02.3000)
Packard Bell Recovery Management (x32 Version: 4.05.3002)
Packard Bell Registration (x32 Version: 1.02.3004)
Packard Bell ScreenSaver (x32 Version: 1.1.0812)
Packard Bell Software Suite SE (x32 Version: 2.01.3001)
Packard Bell Updater (x32 Version: 1.01.3014)
PhotoScape (x32)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayStation(R)Network Downloader (x32 Version: 2.02.00076)
PlayStation(R)Store (x32 Version: 3.1.8.07881)
QuickTime (x32 Version: 7.55.90.70)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5898)
Rossmann Fotowelt Software 4.12.1 (x32 Version: 4.12.1)
Sony PC Companion 2.10.115 (x32 Version: 2.10.115)
Star Defender 4 (x32)
StarMoney (x32 Version: 4.0.0.203)
StarMoney 9.0 S-Edition (x32 Version: 9.0)
Stronghold (x32 Version: 1.20.0000)
Switch Audiodatei-Konverter (x32)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
WavePad Audiobearbeitungs-Software (x32)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0)
Welcome Center (x32 Version: 1.00.3004)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Media Center Add-in for Silverlight (x32 Version: 4.7.3.0)

==================== Restore Points  =========================

22-09-2013 11:10:14 ComboFix created restore point
22-09-2013 18:35:40 Windows-Sicherung
24-09-2013 12:32:54 Windows Update
24-09-2013 18:29:44 Installed Java 7 Update 40
25-09-2013 17:24:07 DirectX wurde installiert

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-22 13:22 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {25759D69-82A8-4AC3-9EA3-7091ED16BDB2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-21] (Adobe Systems Incorporated)
Task: {2D80A978-B9A0-46D8-A09C-D0E7EA2927EB} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {56CC88CA-92F7-4C88-87E5-744BA226D383} - System32\Tasks\NCH Software\SwitchDowngrade => C:\Program Files (x86)\NCH Software\Switch\switch.exe [2012-06-24] (NCH Software)
Task: {6127234E-B22B-429C-B3C1-132522FAFE4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-26] (Google Inc.)
Task: {72F2EDF1-2778-4399-97B5-BAE6DEEFC8FE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {A885BFE3-409A-47B6-BE9B-C2C8A5DAA31C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-26] (Google Inc.)
Task: {D80A8424-28DE-45C9-ABD0-72EFB7DD5DFA} - System32\Tasks\NCH Software\SwitchReminder => C:\Program Files (x86)\NCH Software\Switch\Switch.exe [2012-06-24] (NCH Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-02-26 00:32 - 2013-02-26 00:32 - 15053264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-02-25 04:57 - 2013-02-25 04:57 - 00305104 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeLDR64.dll
2013-08-23 20:11 - 2012-03-26 05:00 - 00781824 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNMDRB6.DLL
2013-08-23 20:11 - 2012-03-26 05:00 - 03784704 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNMUIB6.DLL
2013-09-12 21:04 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 21:04 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\syswow64\kernel32.dll
2013-09-12 21:04 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNELBASE.dll
2012-02-17 20:05 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\syswow64\msvcrt.dll
2011-06-21 20:15 - 2010-11-20 14:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\syswow64\SETUPAPI.dll
2011-07-06 16:31 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\syswow64\CFGMGR32.dll
2013-08-23 20:34 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\syswow64\RPCRT4.dll
2012-07-11 21:33 - 2012-06-02 06:34 - 00096768 _____ (Microsoft Corporation) C:\Windows\syswow64\SspiCli.dll
2009-07-14 01:12 - 2009-07-14 03:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPTBASE.dll
2009-07-14 01:11 - 2009-07-14 03:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2011-06-21 20:15 - 2010-11-20 14:18 - 00640512 _____ (Microsoft Corporation) C:\Windows\syswow64\ADVAPI32.dll
2011-06-21 20:15 - 2010-11-20 14:08 - 00311296 _____ (Microsoft Corporation) C:\Windows\syswow64\GDI32.dll
2011-06-21 20:15 - 2010-11-20 14:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\syswow64\USER32.dll
2009-07-14 01:25 - 2009-07-14 03:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\syswow64\LPK.dll
2013-01-10 18:48 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\syswow64\USP10.dll
2011-10-13 19:33 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.dll
2011-06-21 20:16 - 2010-11-20 14:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\syswow64\ole32.dll
2011-07-06 16:31 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\syswow64\DEVOBJ.dll
2009-07-14 01:28 - 2009-07-14 03:15 - 00828928 _____ (Microsoft Corporation) C:\Windows\syswow64\MSCTF.dll
2013-08-23 20:34 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\syswow64\WINTRUST.dll
2013-08-23 20:34 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPT32.dll
2011-06-21 20:15 - 2010-11-20 14:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\syswow64\MSASN1.dll
2011-06-21 20:15 - 2010-11-20 14:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\syswow64\WLDAP32.dll
2013-09-12 21:03 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.dll
2011-06-21 20:15 - 2010-11-20 14:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\syswow64\SHLWAPI.dll
2009-07-14 01:15 - 2009-07-14 03:16 - 00006144 _____ (Microsoft Corporation) C:\Windows\syswow64\PSAPI.DLL
2009-07-14 01:44 - 2009-07-14 03:15 - 00522240 _____ (Microsoft Corporation) C:\Windows\syswow64\CLBCatQ.DLL
2013-04-26 03:11 - 2013-04-26 03:11 - 01483728 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\GDScan\AVKScanPS.dll
2012-04-11 20:18 - 2012-03-01 07:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\syswow64\imagehlp.dll
2009-07-14 01:33 - 2009-07-14 03:17 - 00249680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2013-04-08 12:29 - 2013-09-05 15:32 - 05631440 _____ (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKScanP\G Data\GDAV.dll
2011-06-21 20:15 - 2010-11-20 14:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\syswow64\user32.dll
2011-06-21 20:15 - 2010-11-20 14:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.dll
2009-07-14 01:12 - 2009-07-14 03:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\syswow64\NSI.dll
2013-02-25 04:07 - 2013-06-27 21:39 - 00333776 _____ (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\gdwfpcd.dll
2013-03-26 04:26 - 2013-03-26 04:26 - 00456144 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\FileBlSrv.dll
2013-03-22 11:14 - 2013-03-22 11:14 - 00533456 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\SecSrv.dll
2013-02-25 04:18 - 2013-02-25 04:18 - 00105424 ____N (G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\avkpop3.dll
2013-02-25 04:18 - 2013-02-25 04:18 - 00104912 ____N (G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\avkimap.dll
2013-02-25 04:19 - 2013-02-25 04:19 - 00111056 ____N (G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\avksmtp.dll
2013-04-26 03:21 - 2013-04-26 03:21 - 00977360 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\avkhttp.dll
2013-02-25 04:23 - 2013-02-25 04:23 - 00343504 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKBap32.dll
2013-09-13 03:07 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\syswow64\urlmon.dll
2009-07-14 01:15 - 2009-07-14 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\syswow64\normaliz.DLL
2013-09-13 03:07 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\syswow64\iertutil.dll
2013-09-13 03:07 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\syswow64\WININET.dll
2011-10-13 19:33 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\oleaut32.dll
2011-06-21 20:15 - 2010-11-20 14:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.DLL
2013-08-23 20:00 - 2012-05-23 14:04 - 01022160 _____ (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\libxml2.dll
2013-08-23 20:00 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\PATCHW32.dll
2013-08-23 20:00 - 2013-06-13 12:46 - 00177808 _____ (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\ouservicesocket.dll
2013-08-23 20:00 - 2013-06-13 12:46 - 00043664 _____ (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\ousmisc.dll
2012-07-11 21:33 - 2012-06-02 06:40 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-02-25 14:59 - 2013-02-25 14:59 - 01633768 ____N (G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\Common\AVKRes.dll
2013-02-25 04:57 - 2013-02-25 04:57 - 00264144 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeLDR.dll
2013-09-12 21:04 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNEL32.dll
2011-06-21 20:15 - 2010-11-20 14:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\syswow64\comdlg32.dll
2009-07-14 02:14 - 2009-07-14 03:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2013-08-29 02:25 - 2013-08-29 02:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-09-13 03:07 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-06-21 20:15 - 2010-11-20 14:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\syswow64\shlwapi.DLL
2013-04-26 03:59 - 2013-04-26 03:59 - 00266704 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\Banksafe.dll
2011-06-21 20:15 - 2010-11-20 14:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2011-06-21 20:15 - 2010-11-20 14:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\syswow64\setupapi.dll
2013-09-20 01:16 - 2013-09-17 05:20 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-20 01:16 - 2013-09-17 05:20 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-09-20 01:16 - 2013-09-17 05:21 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-20 01:16 - 2013-09-17 05:21 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-20 01:16 - 2013-09-17 05:20 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
2009-07-14 01:15 - 2009-07-14 03:16 - 00006144 _____ (Microsoft Corporation) C:\Windows\syswow64\psapi.dll
2009-07-14 01:29 - 2009-07-14 03:16 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qmgrprxy.dll
2009-07-14 01:15 - 2009-07-14 03:10 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SFC.DLL
2011-11-25 16:32 - 2011-11-25 16:32 - 00047400 _____ (Nero AG) C:\Program Files (x86)\Nero\Update\NASvcPS.dll
2011-06-21 20:14 - 2010-11-20 14:08 - 00119808 _____ (Microsoft Corporation) C:\Windows\syswow64\IMM32.dll
2009-07-14 02:03 - 2009-07-14 03:15 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2011-06-21 20:15 - 2010-11-20 14:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2011-06-21 20:16 - 2010-11-20 14:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2009-07-14 01:27 - 2009-07-14 03:15 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2009-07-14 01:51 - 2009-07-14 03:14 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vidcap.ax
2011-06-21 20:14 - 2010-11-20 14:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kswdmcap.ax
2011-04-14 21:56 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC42.dll
2011-06-21 20:15 - 2010-11-20 14:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ODBC32.dll
2009-07-14 02:11 - 2009-07-14 03:09 - 00229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcint.dll
2012-01-11 19:34 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2013-01-10 18:48 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2011-08-10 19:45 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XmlLite.dll
2011-06-21 20:15 - 2010-11-20 14:21 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-04-26 04:05 - 2013-04-26 04:05 - 03146192 ____N (G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVK.dll
2011-06-21 20:15 - 2010-11-20 14:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\syswow64\COMDLG32.dll
2013-02-25 04:13 - 2013-02-25 04:13 - 00182736 ____N (G DATA Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKScanP\AVKScanP.dll
2013-02-25 04:11 - 2013-02-25 04:11 - 00586192 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKScanP\AVKQt.dll
2013-04-26 03:20 - 2013-04-26 03:20 - 01818064 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\IUpdate\GDIUpdt.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F
AlternateDataStreams: C:\ProgramData\TEMP:6B9ADB51
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:98353363
AlternateDataStreams: C:\ProgramData\TEMP:E1F04E8D

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/26/2013 09:57:28 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/26/2013 09:57:28 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/26/2013 09:57:28 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/26/2013 03:53:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/26/2013 03:53:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/26/2013 03:53:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/26/2013 03:53:49 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/26/2013 03:53:48 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/26/2013 03:53:48 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/25/2013 01:56:04 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.


System errors:
=============
Error: (09/26/2013 09:59:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (09/26/2013 09:59:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/26/2013 03:55:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (09/26/2013 03:55:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/25/2013 07:30:52 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/25/2013 07:30:45 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/25/2013 07:30:38 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/25/2013 05:28:44 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/25/2013 05:28:37 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/25/2013 05:28:30 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-09-22 13:20:57.961
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-22 13:20:57.899
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 61%
Total physical RAM: 3071.24 MB
Available physical RAM: 1189.96 MB
Total Pagefile: 6140.66 MB
Available Pagefile: 3560.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:341.45 GB) (Free:271.13 GB) NTFS
Drive d: (DATA) (Fixed) (Total:342.09 GB) (Free:127.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: CBD5E41A)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=341 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=342 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Gruß Nigi

schrauber 27.09.2013 09:09
Dein Rechner:

Alles von Divx deinstallieren.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
CHR DefaultSearchURL: (qvo6) - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=3219913727_67194_F62EAFE5&ts=1379617033&type=default&q={searchTerms}
CHR DefaultSuggestURL: (qvo6) -      "suggest_url": ""
C:\Program Files (x86)\DivX
S3 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [x]
2013-09-12 21:18 - 2013-09-12 21:19 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\Ziep
2013-09-12 21:18 - 2013-09-12 21:19 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\Anhia
Task: {72F2EDF1-2778-4399-97B5-BAE6DEEFC8FE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Autostart-Ordner kontrollieren ob da was drin steht. reboot. Kommen die Fenster noch?

Nigi 27.09.2013 14:26
Hallo Schrauber,

habe alles was ich gefunden habe von DIVX deinstalliert und FRST laufen lassen, hier das Fixlog

Code:
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
CHR DefaultSearchURL: (qvo6) - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=3219913727_67194_F62EAFE5&ts=1379617033&type=default&q={searchTerms}
CHR DefaultSuggestURL: (qvo6) -      "suggest_url": ""
C:\Program Files (x86)\DivX
S3 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [x]
2013-09-12 21:18 - 2013-09-12 21:19 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\Ziep
2013-09-12 21:18 - 2013-09-12 21:19 - 00000000 ____D C:\Users\Stelljes\AppData\Roaming\Anhia
Task: {72F2EDF1-2778-4399-97B5-BAE6DEEFC8FE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Im Autostart Ordner steht nur Mc Afee Security Scan

Gruß
Nigi

schrauber 28.09.2013 08:50
Kommt der Ordner noch?

Nigi 28.09.2013 15:01
Hallo Schrauber,

ja alle Drei Fenster ploppen nach wie vor auf, das SYSWOW64, der Live-Messanger und auch das Online-Backup-Fenster von Norton.

Ich wusste aber auch nicht genau welchen Autostart Ordner ich anschauen sollte vielleicht habe ich ja nicht im richtigen geschaut. Wo finde ich den, den Du meinst?

Gruß
Nigi

schrauber 29.09.2013 05:51
Gibts doch gar nit.

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
  • Doppelklick auf die OTL.exe
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimal Ausgabe
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

Nigi 29.09.2013 08:07
Hallo Schrauber,

hier die beiden Logfiles von OLT

Code:
OTL logfile created on: 29.09.2013 08:45:17 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Stelljes\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 43,90% Memory free
6,00 Gb Paging File | 3,60 Gb Available in Paging File | 59,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 341,45 Gb Total Space | 268,49 Gb Free Space | 78,63% Space Free | Partition Type: NTFS
Drive D: | 342,09 Gb Total Space | 127,71 Gb Free Space | 37,33% Space Free | Partition Type: NTFS
 
Computer Name: STELLJES-PC | User Name: Stelljes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Stelljes\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVK.exe (G Data Software AG)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe (CANON INC.)
PRC - C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated)
PRC - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\NMSAccessU.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8927b576eb15c4a8f4bb04f05e7cc51e\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\56a1feb800860a3bc5d8a45ee92a77ec\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\001aeb860d7f2ba416e0fedc606fee98\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1a3b614a84244ea5fa4147b5cf007333\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\c25ede0d0127774c504c4fc41d4de273\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b3ed31a444f444325ddb64b290ed2f1e\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKWCtlX64.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG)
SRV - (StarMoney 9.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Greg_Service) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (AdobeActiveFileMonitor7.0) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (NMSAccessU) -- C:\Program Files (x86)\Common Files\NMSAccessU.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys (G Data Software)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCapMP) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCap) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (NBVol) -- C:\Windows\SysNative\drivers\NBVol.sys (Nero AG)
DRV:64bit: - (NBVolUp) -- C:\Windows\SysNative\drivers\NBVolUp.sys (Nero AG)
DRV:64bit: - (GdNetMon) -- C:\Windows\SysNative\drivers\GdNetMon64.sys (G Data Software AG)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (s1039mdm) -- C:\Windows\SysNative\drivers\s1039mdm.sys (MCCI Corporation)
DRV:64bit: - (s1039unic) -- C:\Windows\SysNative\drivers\s1039unic.sys (MCCI Corporation)
DRV:64bit: - (s1039obex) -- C:\Windows\SysNative\drivers\s1039obex.sys (MCCI Corporation)
DRV:64bit: - (s1039nd5) -- C:\Windows\SysNative\drivers\s1039nd5.sys (MCCI Corporation)
DRV:64bit: - (s1039mdfl) -- C:\Windows\SysNative\drivers\s1039mdfl.sys (MCCI Corporation)
DRV:64bit: - (s1039mgmt) -- C:\Windows\SysNative\drivers\s1039mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1039bus) -- C:\Windows\SysNative\drivers\s1039bus.sys (MCCI Corporation)
DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (GearAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (GRD) -- C:\Windows\SysWOW64\drivers\GRD.sys (G Data Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE351
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Stelljes\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
 
 
[2012.06.01 19:37:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: qvo6 (Enabled)
CHR - default_search_provider: search_url = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=3219913727_67194_F62EAFE5&ts=1379617033&type=default&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U39 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\Stelljes\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
CHR - plugin: Java Deployment Toolkit 6.0.390.4 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1\
CHR - Extension: Google Drive = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google-Suche = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Chrome In-App Payments service = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Google Mail = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
 
O1 HOSTS File: ([2013.09.22 13:22:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [G Data ASM] C:\Program Files (x86)\G Data\AntiVirus\DelayLoader\AutorunDelayLoader.exe (G Data Software AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 10.40.2)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 10.40.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1659EDE5-A4D1-49AB-9BCD-BB2117C8F93C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.09.27 21:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data AntiVirus 2014
[2013.09.27 15:20:40 | 001,953,854 | ---- | C] (Farbar) -- C:\Users\Stelljes\Desktop\FRST64.exe
[2013.09.24 20:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.09.24 20:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.09.24 20:30:40 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.09.24 20:30:19 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.09.24 20:30:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013.09.22 21:20:36 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.09.22 21:06:23 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.22 20:34:36 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Roaming\Malwarebytes
[2013.09.22 20:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.09.22 20:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.09.22 20:34:11 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.09.22 20:34:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.09.22 20:32:18 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Local\Programs
[2013.09.22 13:24:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.09.22 13:10:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.09.22 13:10:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.09.22 13:10:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.09.22 13:09:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.09.22 13:01:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.09.20 20:22:51 | 000,000,000 | ---D | C] -- C:\FRST
[2013.09.20 19:59:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2013.09.19 20:59:54 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Roaming\0F0W0T1V0D0L0M
[2013.09.19 18:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\a03b10e9-3d08-46de-8fbe-f4f2ae2105b2
[2013.09.13 03:07:55 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.09.13 03:07:55 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.09.13 03:07:54 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.09.13 03:07:53 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.09.13 03:07:53 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.09.13 03:07:53 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.09.13 03:07:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.09.13 03:07:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.09.13 03:07:53 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.09.13 03:07:53 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.09.13 03:07:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.09.13 03:07:51 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.09.13 03:07:51 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.09.13 03:07:51 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.09.13 03:07:50 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.09.12 22:17:51 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Local\G DATA
[2013.09.12 21:04:26 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013.09.12 21:04:25 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.09.12 21:04:25 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.09.12 21:04:24 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.09.12 21:04:24 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.09.12 21:04:24 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.09.12 21:04:24 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.09.12 21:04:24 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.09.12 21:04:24 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.09.12 21:04:24 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.09.12 21:04:24 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.09.12 21:04:24 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.09.12 21:04:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.09.12 21:04:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.09.12 21:04:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.09.12 21:04:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.09.12 21:04:24 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.09.12 21:04:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.09.12 21:04:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.09.12 21:04:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.09.12 21:04:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.12 21:04:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.12 21:04:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.12 21:04:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.09.12 21:04:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.09.12 21:04:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.09.12 21:04:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.09.12 21:04:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.09.12 21:04:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013.09.12 21:04:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.09.12 21:04:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.09.12 21:03:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.09.08 13:07:02 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Roaming\NVIDIA
[2013.09.08 13:06:54 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Roaming\DivX
[2013.09.08 13:00:18 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.09.08 13:00:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2013.09.08 12:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.09.08 12:42:03 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\Desktop\Marcel
[2009.08.18 03:34:06 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.09.29 08:46:01 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.29 08:46:01 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.29 08:38:52 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.29 08:38:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.29 08:38:33 | 2415,316,992 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.28 21:22:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.28 21:12:03 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.27 21:36:25 | 000,063,320 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2013.09.27 21:36:06 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
[2013.09.27 21:36:04 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2013.09.27 21:36:04 | 000,064,856 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2013.09.27 21:35:46 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2013.09.27 21:35:46 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2013.09.27 15:20:32 | 001,953,854 | ---- | M] (Farbar) -- C:\Users\Stelljes\Desktop\FRST64.exe
[2013.09.25 19:24:40 | 000,002,303 | ---- | M] () -- C:\Users\Public\Desktop\Die Schlacht um Mittelerde™ II.lnk
[2013.09.25 12:16:48 | 000,022,962 | ---- | M] () -- C:\Users\Stelljes\AppData\Roaming\wklnhst.dat
[2013.09.24 20:30:12 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.09.24 20:30:10 | 000,868,264 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.09.24 20:30:10 | 000,790,440 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.09.24 20:30:10 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.09.24 20:30:10 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.09.24 20:30:10 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.09.24 14:25:22 | 000,001,917 | ---- | M] () -- C:\ProgramData\8e0b13c8-ace2-4474-91ca-5e636b42474c
[2013.09.23 16:20:10 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.23 16:20:10 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.09.23 16:20:10 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.23 16:20:10 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.09.23 16:20:10 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.22 21:10:37 | 000,001,298 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.09.22 20:34:12 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.09.22 13:22:38 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.09.21 00:25:59 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.09.21 00:25:59 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.09.20 19:17:33 | 000,000,000 | ---- | M] () -- C:\Users\Stelljes\defogger_reenable
[2013.09.17 18:10:24 | 001,113,710 | ---- | M] () -- C:\Users\Stelljes\Documents\IMG_20130917_0003.jpg
[2013.09.17 18:09:29 | 001,018,436 | ---- | M] () -- C:\Users\Stelljes\Documents\IMG_20130917_0002.jpg
[2013.09.17 18:07:00 | 000,697,167 | ---- | M] () -- C:\Users\Stelljes\Documents\IMG_20130917_0001.pdf
[2013.09.13 03:26:42 | 000,381,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013.09.25 19:24:40 | 000,002,303 | ---- | C] () -- C:\Users\Public\Desktop\Die Schlacht um Mittelerde™ II.lnk
[2013.09.22 20:34:12 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.09.22 13:10:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.09.22 13:10:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.09.22 13:10:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.09.22 13:10:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.09.22 13:10:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.09.20 19:17:33 | 000,000,000 | ---- | C] () -- C:\Users\Stelljes\defogger_reenable
[2013.09.19 18:29:14 | 000,001,917 | ---- | C] () -- C:\ProgramData\8e0b13c8-ace2-4474-91ca-5e636b42474c
[2013.09.17 18:10:24 | 001,113,710 | ---- | C] () -- C:\Users\Stelljes\Documents\IMG_20130917_0003.jpg
[2013.09.17 18:09:29 | 001,018,436 | ---- | C] () -- C:\Users\Stelljes\Documents\IMG_20130917_0002.jpg
[2013.09.17 18:06:59 | 000,697,167 | ---- | C] () -- C:\Users\Stelljes\Documents\IMG_20130917_0001.pdf
[2011.06.28 20:45:21 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.08.06 16:58:13 | 000,003,584 | ---- | C] () -- C:\Users\Stelljes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.23 18:06:00 | 000,007,603 | ---- | C] () -- C:\Users\Stelljes\AppData\Local\Resmon.ResmonCfg
[2009.11.04 17:42:13 | 000,022,962 | ---- | C] () -- C:\Users\Stelljes\AppData\Roaming\wklnhst.dat
[2007.01.25 03:52:26 | 000,065,536 | ---- | C] () -- C:\Program Files (x86)\Common Files\NMSAccessU.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:6B9ADB51
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0B9176C0
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:E1F04E8D
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:5D7E5A8F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:98353363
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:93DE1838

< End of report >
und

Code:
OTL Extras logfile created on: 29.09.2013 08:45:17 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Stelljes\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 43,90% Memory free
6,00 Gb Paging File | 3,60 Gb Available in Paging File | 59,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 341,45 Gb Total Space | 268,49 Gb Free Space | 78,63% Space Free | Partition Type: NTFS
Drive D: | 342,09 Gb Total Space | 127,71 Gb Free Space | 37,33% Space Free | Partition Type: NTFS
 
Computer Name: STELLJES-PC | User Name: Stelljes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{071F8B01-D85C-4235-AE2F-558E0E2020A7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{181B50AE-739B-4777-BE6E-2BE387F2EEAE}" = rport=139 | protocol=6 | dir=out | app=system |
"{2CC7298C-CBB8-4579-BD8B-257666446EED}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2D76837F-0982-41EC-956D-2EE378D24F0B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3A1AE10C-1C6B-4DF3-8B63-5DDCC626E81C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{425FDD2C-C782-4E80-A6A2-B650ABD3F60B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{629D860B-B79E-443C-992B-B97BD505E3BC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6EE59659-EFC4-4EFC-B5CB-D86627365067}" = lport=14714 | protocol=6 | dir=in | name=audials localhttpserver 14714 |
"{6F0E17BB-9C9B-4BAC-A38F-84746CD1F6E5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{703AC514-A9A3-47A3-94ED-D55C646F9AF8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{85A7BAD5-11C5-44A0-B61A-3E54AF9B6EAD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8BF17F43-159C-422A-81B6-FDD45E093554}" = lport=137 | protocol=17 | dir=in | app=system |
"{8C99C006-18E2-4D0D-A30D-E13D6C3C6EB4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{95DF8A11-53FD-4930-9462-E9B36B7B3A8B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{992E80F4-EB75-468E-BC0C-8B57BF006F69}" = lport=12972 | protocol=6 | dir=in | name=audials localhttpserver 12972 |
"{A7600349-C3B8-467D-B477-F928F1563782}" = lport=139 | protocol=6 | dir=in | app=system |
"{B7380A03-AE28-4691-AE29-E2E4CD949E0F}" = lport=445 | protocol=6 | dir=in | app=system |
"{C14B225D-FD79-49D7-8340-FBCBBAE8A954}" = rport=138 | protocol=17 | dir=out | app=system |
"{C6F36FAE-044C-4A87-AD88-0075FA1E4501}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CEE3F4FE-1E48-4750-9E19-892BA93F8BA0}" = lport=31931 | protocol=6 | dir=in | name=audials localhttpserver 31931 |
"{D1466A06-E7E4-48A5-8E94-B5A5E41A4637}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D1CED156-2134-4674-A99B-7E0005EF624A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D92C995B-9986-46E7-8DD6-0431EE91D28B}" = rport=137 | protocol=17 | dir=out | app=system |
"{DF167A41-BC2B-4079-B9C2-6C77DEB16737}" = rport=445 | protocol=6 | dir=out | app=system |
"{E22C6EC5-BF7E-4F2F-AB09-3DC61F33EDA9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E892BED9-52A3-4FCA-89FF-AD8AD4048E04}" = lport=138 | protocol=17 | dir=in | app=system |
"{F2587966-017D-4E3A-A9C7-C1FC6B363C77}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F710E37F-324A-4322-AAC2-054749F35DF0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0122DB0B-8D10-48C1-AE38-EF426F1C8EB0}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\aufstieg des hexenkönigs\game.dat |
"{05400CEC-2155-4805-9934-2F4B13CB49C7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0A1BBC30-869B-4711-868F-90012189D4BC}" = protocol=6 | dir=in | app=c:\users\stelljes\appdata\local\temp\7zs1fec\hpdiagnosticcoreui.exe |
"{193947E5-395C-4B33-A3A7-CA7621727595}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{21839D65-5EE5-49B0-9AC7-9561CEF03D76}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 9.0 s-edition\app\starmoney.exe |
"{241DC6B8-3AF6-4057-9DA7-071AC164B10D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{241E609C-C522-4BDA-A9BE-F2034BFA6245}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{26861842-3F18-4993-9DC4-E6FB754A66E8}" = protocol=6 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{2956D962-FC32-4389-8D8A-3D927818BEE3}" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold\stronghold.exe |
"{2B69F703-A652-4A85-A40A-66B88F27240B}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 9.0 s-edition\ouservice\starmoneyonlineupdate.exe |
"{42F7F328-0CEB-4904-8B74-526A8ECF1362}" = protocol=6 | dir=out | app=system |
"{4430BDE4-7576-4872-8883-791F0ECD85FB}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\aufstieg des hexenkönigs\game.dat |
"{5E959F0A-5A77-448E-9615-BD3B4EE0A343}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{655A22ED-9FB9-478C-9F06-2F65C86BA5A5}" = protocol=17 | dir=in | app=c:\program files (x86)\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{673ECF17-37DC-41FD-9FDF-63DA1F9BA828}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{69312276-B37F-4C7E-BDCB-5A009F5AC22D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{74529C26-57BB-4A75-9F3E-F269C665570E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{74E5069C-46C5-4D33-BF13-80ECAA1E4B6E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D5B2EAB-0F79-4532-867A-D95EFCE6DAD2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7F0EB3F1-06EB-46F6-8C7D-736739D1F8BD}" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold\stronghold.exe |
"{803D7157-2150-404E-84F1-309592E2721F}" = protocol=17 | dir=in | app=c:\users\stelljes\appdata\local\temp\7zs1fec\hpdiagnosticcoreui.exe |
"{833FDB74-B774-4FED-81DC-E463C4FE4E0B}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 9.0 s-edition\ouservice\starmoneyonlineupdate.exe |
"{88CDA0A3-47A2-42AD-9235-E38E69EFA24B}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 9.0 s-edition\app\starmoney.exe |
"{8FD80E78-9725-4BEC-B6E4-03843A4D60F6}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat |
"{99A156FF-36CB-47AF-A9CD-8E42E91D689A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\die schlacht um mittelerde ii\game.dat |
"{9CD1BCD1-642B-4F25-A478-25837822CF61}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A04C1B9F-0CD9-4E42-926E-FE33B2A69223}" = protocol=17 | dir=in | app=c:\users\stelljes\appdata\local\temp\7zs6e88\hpdiagnosticcoreui.exe |
"{AE3F25B5-5FCA-40A2-94DC-712FE98F32CB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B1C986A8-59E0-42DB-ACA3-FC99DDD93DE0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BDE17572-EA7B-4114-84BA-7252C7CFAD3C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7D604C0-79DC-4B55-988C-77604FF5DF09}" = dir=in | app=c:\program files (x86)\rapidsolution\audials 9\audials.exe |
"{CD502A22-9E9E-4976-9B5A-03B93FBA1A7E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D27F8BA2-4D94-4612-8FAD-8DC5E549974D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D31B1B26-3E90-4FC9-9DB6-B70EC33BFD0B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D9FB32DF-04CE-4D58-965F-55CE133B7BCC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DC8EED3F-8994-4D50-B60D-CE31FC3149AB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{EFF871D7-18BD-4693-9808-DEB245F09001}" = protocol=6 | dir=in | app=c:\users\stelljes\appdata\local\temp\7zs6e88\hpdiagnosticcoreui.exe |
"{F8788899-7D40-44C4-A37D-B3FED1E98179}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FAF9DA59-F5ED-4AA9-B159-E9A9B5CE18BE}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{FFAFE274-F791-460D-9D08-296C0640B35C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{61DCFBCB-A194-4CA1-A3CA-A06858EB938E}C:\program files (x86)\electronic arts\aufstieg des hexenkönigs\patchget.dat" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\aufstieg des hexenkönigs\patchget.dat |
"TCP Query User{C1FCB422-1926-4F18-81C8-FBBAB1E40ADA}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{2D4B03B9-4203-446F-9E35-03A16B0813A2}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{EAB9D35A-D235-4D05-B3AE-078AE9547727}C:\program files (x86)\electronic arts\aufstieg des hexenkönigs\patchget.dat" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\aufstieg des hexenkönigs\patchget.dat |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series" = Canon MG2200 series MP Drivers
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{0320AB41-0926-4218-A8A6-68AC84E6BB93}" = Nero Recode 11
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{14AD9FFF-0030-473D-8FB4-1D5736324BA1}" = StarMoney 9.0 S-Edition
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 39
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6E2455-E318-4A60-9174-754D1BE5E7A4}" = Nero 11
"{51865D9D-8F63-46F2-87AB-9E72F93B618C}" = Welcome App (Start-up experience)
"{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}" = Media Go
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{5511C07D-A83C-45AD-92B6-42DF99729A3C}" = Adobe Photoshop Elements 7.0
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A6DB7C1-E646-4842-A562-49C5EB8F2B47}" = StarMoney
"{5F17164A-FE5F-48B4-916F-56C6C4470D32}" = G Data AntiVirus 2014
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7108738A-F48C-4FC9-80A1-4B70254270DF}" = Audials
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}" = DIE SIEDLER - Das Erbe der Könige
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{9242564e-02e9-4ea8-9d2d-351f6f728e1c}_is1" = Packard Bell GameZone Console
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94056AE8-EF0F-45E4-A1B4-D754115F8A28}" = Numedia CD-DVD writing as non-admin user
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAF89271-2594-468D-B578-96B2E30C41C4}" = eBay Worldwide
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.04) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = Aufstieg des Hexenkönigs™
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F902AB2B-7816-4CBD-A385-F2549F62956B}" = StarMoney
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FAF448F1-4460-440C-9280-07F66A63D6F5}" = Nero Kwik Media
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"7-Zip" = 7-Zip 9.22beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"Blue Byte Game Channel" = Blue Byte Game Channel
"Canon MG2200 series Benutzerregistrierung" = Canon MG2200 series Benutzerregistrierung
"Canon MG2200 series On-screen Manual" = Canon MG2200 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Metaboli" = Metaboli
"MPE" = MyPhoneExplorer
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"Packard Bell InfoCentre" = Packard Bell InfoCentre
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Software Suite SE" = Packard Bell Software Suite SE
"Packard Bell Welcome Center" = Welcome Center
"PhotoScape" = PhotoScape
"Rossmann Fotowelt Software" = Rossmann Fotowelt Software 4.12.1
"S2TNG" = Die Siedler II - Die nächste Generation
"S4Uninst" = Die Siedler IV
"Switch" = Switch Audiodatei-Konverter
"WavePad" = WavePad Audiobearbeitungs-Software
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
"Mozilla Firefox Packages" = Mozilla Firefox Packages
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 27.09.2013 16:00:28 | Computer Name = Stelljes-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Sony\Media Go\MediaGo.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program
 Files (x86)\Sony\Media Go\Sony.Mrs.MANIFEST" in Zeile  3.  Die im Manifest gefundene
 Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.  Verweis:
 Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".  Definition:
 Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 27.09.2013 16:04:06 | Computer Name = Stelljes-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 28.09.2013 10:06:11 | Computer Name = Stelljes-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 28.09.2013 10:06:12 | Computer Name = Stelljes-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 28.09.2013 10:06:26 | Computer Name = Stelljes-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Sony\Media Go\MediaGo.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program
 Files (x86)\Sony\Media Go\Sony.Mrs.MANIFEST" in Zeile  3.  Die im Manifest gefundene
 Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.  Verweis:
 Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".  Definition:
 Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 29.09.2013 02:38:57 | Computer Name = Stelljes-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.09.2013 02:38:57 | Computer Name = Stelljes-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.09.2013 02:39:08 | Computer Name = Stelljes-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.09.2013 02:39:08 | Computer Name = Stelljes-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
 abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 29.09.2013 02:39:13 | Computer Name = Stelljes-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Sony\Media Go\MediaGo.exe". Fehler in Manifest- oder Richtliniendatei "C:\Program
 Files (x86)\Sony\Media Go\Sony.Mrs.MANIFEST" in Zeile  3.  Die im Manifest gefundene
 Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.  Verweis:
 Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".  Definition:
 Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
[ System Events ]
Error - 27.09.2013 09:35:03 | Computer Name = Stelljes-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "Packard Bell" den Befehl "chkdsk" aus.
 
Error - 27.09.2013 09:35:06 | Computer Name = Stelljes-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "Packard Bell" den Befehl "chkdsk" aus.
 
Error - 27.09.2013 13:25:02 | Computer Name = Stelljes-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 27.09.2013 13:25:02 | Computer Name = Stelljes-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 27.09.2013 15:41:58 | Computer Name = Stelljes-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 27.09.2013 15:41:58 | Computer Name = Stelljes-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 28.09.2013 10:08:05 | Computer Name = Stelljes-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 28.09.2013 10:08:05 | Computer Name = Stelljes-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 29.09.2013 02:40:59 | Computer Name = Stelljes-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 29.09.2013 02:40:59 | Computer Name = Stelljes-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
 
< End of report >
Vielen Dank nochmals für Deine Geduld und Deine verständlichen Anweisungen.

Wünsche Dir einen schönen Sonntag
Gruß
Nigi

schrauber 29.09.2013 17:52
Zitat:
Scan Mode: Current user
Klick in OTL bitte auf All User und scanne nochmal.

Nigi 29.09.2013 20:51
Hallo Schrauber,

hier nun das Log vom neuen OTL-Scan

Code:
OTL logfile created on: 29.09.2013 20:50:54 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Stelljes\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 38,11% Memory free
6,00 Gb Paging File | 3,27 Gb Available in Paging File | 54,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 341,45 Gb Total Space | 268,25 Gb Free Space | 78,56% Space Free | Partition Type: NTFS
Drive D: | 342,09 Gb Total Space | 127,71 Gb Free Space | 37,33% Space Free | Partition Type: NTFS
 
Computer Name: STELLJES-PC | User Name: Stelljes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Stelljes\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe (CANON INC.)
PRC - C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe (CANON INC.)
PRC - C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated)
PRC - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\NMSAccessU.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8927b576eb15c4a8f4bb04f05e7cc51e\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\c389533f1477363803e53dce01560d12\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\56a1feb800860a3bc5d8a45ee92a77ec\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\001aeb860d7f2ba416e0fedc606fee98\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\8fefdc1ecedf91a104b084c7d8200bde\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1a3b614a84244ea5fa4147b5cf007333\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\c25ede0d0127774c504c4fc41d4de273\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b3ed31a444f444325ddb64b290ed2f1e\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\cfbc74c91b44af85d10b272ae5c70d5a\System.Numerics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G DATA\AntiVirus\AVK\AVKWCtlX64.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG)
SRV - (StarMoney 9.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Greg_Service) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (AdobeActiveFileMonitor7.0) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (NMSAccessU) -- C:\Program Files (x86)\Common Files\NMSAccessU.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys (G Data Software)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCapMP) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCap) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (NBVol) -- C:\Windows\SysNative\drivers\NBVol.sys (Nero AG)
DRV:64bit: - (NBVolUp) -- C:\Windows\SysNative\drivers\NBVolUp.sys (Nero AG)
DRV:64bit: - (GdNetMon) -- C:\Windows\SysNative\drivers\GdNetMon64.sys (G Data Software AG)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (s1039mdm) -- C:\Windows\SysNative\drivers\s1039mdm.sys (MCCI Corporation)
DRV:64bit: - (s1039unic) -- C:\Windows\SysNative\drivers\s1039unic.sys (MCCI Corporation)
DRV:64bit: - (s1039obex) -- C:\Windows\SysNative\drivers\s1039obex.sys (MCCI Corporation)
DRV:64bit: - (s1039nd5) -- C:\Windows\SysNative\drivers\s1039nd5.sys (MCCI Corporation)
DRV:64bit: - (s1039mdfl) -- C:\Windows\SysNative\drivers\s1039mdfl.sys (MCCI Corporation)
DRV:64bit: - (s1039mgmt) -- C:\Windows\SysNative\drivers\s1039mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1039bus) -- C:\Windows\SysNative\drivers\s1039bus.sys (MCCI Corporation)
DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (GearAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (GRD) -- C:\Windows\SysWOW64\drivers\GRD.sys (G Data Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-135545874-1981648984-1677087152-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-135545874-1981648984-1677087152-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-135545874-1981648984-1677087152-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-135545874-1981648984-1677087152-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE351
IE - HKU\S-1-5-21-135545874-1981648984-1677087152-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-135545874-1981648984-1677087152-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Stelljes\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
 
 
[2012.06.01 19:37:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: qvo6 (Enabled)
CHR - default_search_provider: search_url = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=3219913727_67194_F62EAFE5&ts=1379617033&type=default&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U39 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\Stelljes\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
CHR - plugin: Java Deployment Toolkit 6.0.390.4 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1\
CHR - Extension: Google Drive = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Google-Suche = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Chrome In-App Payments service = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Google Mail = C:\Users\Stelljes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
 
O1 HOSTS File: ([2013.09.22 13:22:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-135545874-1981648984-1677087152-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [G Data ASM] C:\Program Files (x86)\G Data\AntiVirus\DelayLoader\AutorunDelayLoader.exe (G Data Software AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-135545874-1981648984-1677087152-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 10.40.2)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 1.6.0_39)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Java Plug-in 10.40.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1659EDE5-A4D1-49AB-9BCD-BB2117C8F93C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.09.27 21:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data AntiVirus 2014
[2013.09.27 15:20:40 | 001,953,854 | ---- | C] (Farbar) -- C:\Users\Stelljes\Desktop\FRST64.exe
[2013.09.24 20:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.09.24 20:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.09.24 20:30:40 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.09.24 20:30:19 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.09.24 20:30:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013.09.22 21:20:36 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.09.22 21:06:23 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.22 20:34:36 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Roaming\Malwarebytes
[2013.09.22 20:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.09.22 20:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.09.22 20:34:11 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.09.22 20:34:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.09.22 20:32:18 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Local\Programs
[2013.09.22 13:24:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.09.22 13:10:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.09.22 13:10:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.09.22 13:10:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.09.22 13:09:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.09.22 13:01:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.09.20 20:22:51 | 000,000,000 | ---D | C] -- C:\FRST
[2013.09.20 19:59:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2013.09.19 20:59:54 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Roaming\0F0W0T1V0D0L0M
[2013.09.19 18:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\a03b10e9-3d08-46de-8fbe-f4f2ae2105b2
[2013.09.13 03:07:55 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.09.13 03:07:55 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.09.13 03:07:54 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.09.13 03:07:53 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.09.13 03:07:53 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.09.13 03:07:53 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.09.13 03:07:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.09.13 03:07:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.09.13 03:07:53 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.09.13 03:07:53 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.09.13 03:07:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.09.13 03:07:51 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.09.13 03:07:51 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.09.13 03:07:51 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.09.13 03:07:50 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.09.12 22:17:51 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Local\G DATA
[2013.09.12 21:04:26 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013.09.12 21:04:25 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.09.12 21:04:25 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.09.12 21:04:24 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.09.12 21:04:24 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.09.12 21:04:24 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.09.12 21:04:24 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.09.12 21:04:24 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.09.12 21:04:24 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.09.12 21:04:24 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.09.12 21:04:24 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.09.12 21:04:24 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.09.12 21:04:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.09.12 21:04:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.09.12 21:04:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.09.12 21:04:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.09.12 21:04:24 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.09.12 21:04:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.09.12 21:04:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.09.12 21:04:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.09.12 21:04:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.12 21:04:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.12 21:04:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.12 21:04:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.09.12 21:04:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.12 21:04:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.09.12 21:04:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.09.12 21:04:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.09.12 21:04:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.09.12 21:04:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013.09.12 21:04:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.09.12 21:04:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.09.12 21:04:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.09.12 21:04:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.09.12 21:03:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.09.08 13:07:02 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Roaming\NVIDIA
[2013.09.08 13:06:54 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\AppData\Roaming\DivX
[2013.09.08 13:00:18 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.09.08 13:00:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2013.09.08 12:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.09.08 12:42:03 | 000,000,000 | ---D | C] -- C:\Users\Stelljes\Desktop\Marcel
[2009.08.18 03:34:06 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.09.29 20:54:35 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.29 20:54:35 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.29 20:46:38 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.29 20:46:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.29 20:46:18 | 2415,316,992 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.29 18:22:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.29 18:12:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.27 21:36:25 | 000,063,320 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2013.09.27 21:36:06 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
[2013.09.27 21:36:04 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2013.09.27 21:36:04 | 000,064,856 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2013.09.27 21:35:46 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2013.09.27 21:35:46 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2013.09.27 15:20:32 | 001,953,854 | ---- | M] (Farbar) -- C:\Users\Stelljes\Desktop\FRST64.exe
[2013.09.25 19:24:40 | 000,002,303 | ---- | M] () -- C:\Users\Public\Desktop\Die Schlacht um Mittelerde™ II.lnk
[2013.09.25 12:16:48 | 000,022,962 | ---- | M] () -- C:\Users\Stelljes\AppData\Roaming\wklnhst.dat
[2013.09.24 20:30:12 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.09.24 20:30:10 | 000,868,264 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.09.24 20:30:10 | 000,790,440 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.09.24 20:30:10 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.09.24 20:30:10 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.09.24 20:30:10 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.09.24 14:25:22 | 000,001,917 | ---- | M] () -- C:\ProgramData\8e0b13c8-ace2-4474-91ca-5e636b42474c
[2013.09.23 16:20:10 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.23 16:20:10 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.09.23 16:20:10 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.23 16:20:10 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.09.23 16:20:10 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.22 21:10:37 | 000,001,298 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.09.22 20:34:12 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.09.22 13:22:38 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.09.21 00:25:59 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.09.21 00:25:59 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.09.20 19:17:33 | 000,000,000 | ---- | M] () -- C:\Users\Stelljes\defogger_reenable
[2013.09.17 18:10:24 | 001,113,710 | ---- | M] () -- C:\Users\Stelljes\Documents\IMG_20130917_0003.jpg
[2013.09.17 18:09:29 | 001,018,436 | ---- | M] () -- C:\Users\Stelljes\Documents\IMG_20130917_0002.jpg
[2013.09.17 18:07:00 | 000,697,167 | ---- | M] () -- C:\Users\Stelljes\Documents\IMG_20130917_0001.pdf
[2013.09.13 03:26:42 | 000,381,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013.09.25 19:24:40 | 000,002,303 | ---- | C] () -- C:\Users\Public\Desktop\Die Schlacht um Mittelerde™ II.lnk
[2013.09.22 20:34:12 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.09.22 13:10:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.09.22 13:10:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.09.22 13:10:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.09.22 13:10:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.09.22 13:10:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.09.20 19:17:33 | 000,000,000 | ---- | C] () -- C:\Users\Stelljes\defogger_reenable
[2013.09.19 18:29:14 | 000,001,917 | ---- | C] () -- C:\ProgramData\8e0b13c8-ace2-4474-91ca-5e636b42474c
[2013.09.17 18:10:24 | 001,113,710 | ---- | C] () -- C:\Users\Stelljes\Documents\IMG_20130917_0003.jpg
[2013.09.17 18:09:29 | 001,018,436 | ---- | C] () -- C:\Users\Stelljes\Documents\IMG_20130917_0002.jpg
[2013.09.17 18:06:59 | 000,697,167 | ---- | C] () -- C:\Users\Stelljes\Documents\IMG_20130917_0001.pdf
[2011.06.28 20:45:21 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.08.06 16:58:13 | 000,003,584 | ---- | C] () -- C:\Users\Stelljes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.23 18:06:00 | 000,007,603 | ---- | C] () -- C:\Users\Stelljes\AppData\Local\Resmon.ResmonCfg
[2009.11.04 17:42:13 | 000,022,962 | ---- | C] () -- C:\Users\Stelljes\AppData\Roaming\wklnhst.dat
[2007.01.25 03:52:26 | 000,065,536 | ---- | C] () -- C:\Program Files (x86)\Common Files\NMSAccessU.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:6B9ADB51
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0B9176C0
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:E1F04E8D
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:5D7E5A8F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:98353363
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:93DE1838

< End of report >
Gruß
Nigi

schrauber 30.09.2013 09:04
Gibts nit. In den logs ist nichts zu sehen. Wenn Du in jedem möglichen Benutzer auf Start/alle programme/Autostart gehst, is da irgendwas drin?


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:31 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131